A vulnerability identified as problematic has been detected in Endian Firewall 3.3.25 . This affects an unknown function of the file /manage/vpnauthentication/user/ of the component Parameter Handler . The manipulation of the argument remark leads to cross site scripting. This vulnerability is listed as CVE-2026-34821 . The attack may be initiated remotely. There is no available exploit.