Vulnerability CVE-2015-2702

Vulnerability CVE-2015-2702

Published: 2015-03-25

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Websense -> Triton ap data
Websense -> Triton ap email
Websense -> Triton ap web
Websense -> V-series appliances

http://packetstormsecurity.com/files/130898/Websense-Email-Security-Cross-Site-Scripting.html

http://seclists.org/fulldisclosure/2015/Mar/103

http://www.securityfocus.com/archive/1/534909/100/0/threaded

http://www.securityfocus.com/bid/73345

http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

https://www.securify.nl/advisory/SFY20140905/websense_email_security_vulnerable_to_persistent_cross_site_scripting_in_audit_log_details_view.html