Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28034/info Juniper Networks Secure Access 2000 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Juniper Networks Secure Access 2000 rdremediate.cgi跨站脚本漏洞

BUGTRAQ ID: 28034 Juniper Networks的Secure Access 2000是企业级的SSL VPN接入设备。 Secure Access 2000的/dana-na/auth/rdremediate.cgi服务器端脚本没有正确的验证对deliverymode参数的输入，如果用户向该脚本提交了恶意请求的话，就可能在服务器上执行跨站脚本攻击。 Juniper Networks Secure Access 2000 5.5R1 build 11711 厂商补丁： Juniper Networks ----------------...