CVE-2022-36783

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

CVE-2022-36783

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

Cross site scripting

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

CVE-2022-36783

CVE-2022-36783 affects AlgoSec FireFlow with a Reflected Cross-Site-Scripting (RXSS) vector. A malicious user can inject JavaScript into the IntersectudRule parameter on the search/result.html page by changing the request method from POST to GET and sharing the URL with a victim. This results in ...

AlgoSec FireFlow 跨站脚本漏洞

AlgoSec FireFlow is a security application from AlgoSec USA, Inc. It is used to automate the security policy change lifecycle, from submitting a change request to reviewing the changes made. A security vulnerability exists in AlgoSec FireFlow, which stems from a Reflective Cross-Site Scripting...

CVE-2014-4164

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

Cross site scripting

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

CVE-2014-4164

CVE-2014-4164 : Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230. The issue allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html. The provided documents do not specify exploit details beyond the basic vulnerability desc...

CVE-2014-4164

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...