Podatność CVE-2023-0214
Publikacja: 2023-01-18

Opis:
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
Secure Web Gateway 10.2.11 Cross Site Scripting
RedTeam
28.01.2023

Typ:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 Referencje:
https://kcm.trellix.com/corporate/index?page=content&id=SB10393
Copyright 2024, cxsecurity.com

 

Back to Top