Cross site scripting

2014-09-1114:16:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.9%

JSON

Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

CPENameOperatorVersion
securesphere_web_application_firewalleq9.0

CPE	Name	Operator	Version
	securesphere_web_application_firewall	eq	9.0

References

osvdb.org/79338

secunia.com/advisories/48086

www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887

www.securityfocus.com/bid/52064

exchange.xforce.ibmcloud.com/vulnerabilities/73264

www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/