CVE-2013-7318

Cross-site scripting XSS vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2013-7318

AlgoSec Firewall Analyzer 6.4 has an XSS vulnerability in the BusinessFlow/login path, exploitable via the message parameter to inject arbitrary script/HTML. The root cause is an XSS condition in the login flow; remote attackers could induce script execution in a victim’s browser. The provided do...