8 matches found
SonicWALL NSA 2400 Improper Neutralization of Input During Web Page Generation (CVE-2014-2589)
Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter. This plugin only works with Tenable.ot. Please visit...
EUVD-2014-2621
Malware in sbrugna...
Dell SonicWALL NSA 2400 'stats/dashboard.jsp' Cross Site Scripting Vulnerability
Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter. CVE: CVE-2014-2589 Last updated: March 12, 2018, 4:19 p.m...
Cross site scripting
Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter...
CVE-2014-2589
Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter...
CVE-2014-2589
Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter...
CVE-2014-2589
CVE-2014-2589 describes a Cross-Site Scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) of SonicWall Network Security Appliance (NSA) 2400. The issue allows remote attackers to inject arbitrary web script or HTML via the sn parameter. Documentation confirms the a...
SonicWALL NSA 2400 Security Dashboard跨站脚本漏洞
SonicWALL NSA 系列采用新一代统一威胁管理UTM技术抵抗各种攻击,兼备入侵防御、防病毒及反间谍软件功能和SonicWALL应用防火墙的应用层控制功能。 由于通过"sn" GET参数传递到/stats/dashboard.jsp的输入在返回用户前未能正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 SonicWALL Network Security Appliance NSA Series 厂商补丁: SonicWALL ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...