CVE-2026-3457

Stored XSS vulnerability in Sentinel ACC

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22.

INFO

Published Date :

2026-03-27T09:05:48.226Z

Last Modified :

2026-03-27T13:45:21.259Z

Source :

THA-PSIRT

AFFECTED PRODUCTS

The following products are affected by CVE-2026-3457 vulnerability.

Vendors	Products
Thales	Sentinel Ldk Runtime

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-3457.

URL	Resource
https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=5c18186b478aa950128dca72e36d4391&sysparm_article=KB0027106

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability