Forcepoint WebSecurity 8.5 Cross Site Scripting

Type packetstorm
Reporter Prasenjit Kanti Paul
Modified 2020-02-10T00:00:00


                                            `# Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting  
# Exploit Author: Prasenjit Kanti Paul  
# Vendor Homepage:  
# Software Link:  
# Version: Forcepoint Web Security 8.5  
# Tested on: Windows 7,10 and Linux Mint  
# CVE : CVE-2019-6146  
# ForcePoint KBA:  
# Video PoC:  
# Description: User must visit any site which is restricted as per  
# forcepoint policy. So that forcepoint web security will show a generic  
# page. While parsing "Domain Name" within generic page forcepoint is not  
# validating Host header, which caused XSS.  
Lets assume, while accessing, forcepoint web security prevents  
us to go to that website with its custom exception/blocking page. Now  
follow the steps below:  
1. Intercept the traffic while accessing  
2. Modify the Host header from to ">  
- Oct. 21, 2019 - Issue Reported to PSIRT team of ForcePoint  
- Oct. 23, 2019 - ForcePoint team confirms the issue  
- Oct. 24, 2019 - CVE-2019-6146 has been assigned  
- Jan. 23, 2020 - ForcePoint KBA has been published with proper fixes  
*Prasenjit Kanti Paul*