Vulnerability CVE-2023-0214


Published: 2023-01-18

Description:
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.

See advisories in our WLB2 database:
Topic
Author
Date
High
Secure Web Gateway 10.2.11 Cross Site Scripting
RedTeam
28.01.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://kcm.trellix.com/corporate/index?page=content&id=SB10393

Copyright 2024, cxsecurity.com

 

Back to Top