A vulnerability was found in StormShield Network Security up to 4.3.41/4.8.15/5.0.5 and classified as problematic . Affected is an unknown function of the component Login API . Executing a manipulation can lead to cross site scripting. This vulnerability is registered as CVE-2026-8474 . It is possible to launch the attack remotely. No exploit is available.