16 matches found
CVE-2015-2761
Cross-site scripting XSS vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Authentication flaw
Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication...
Cross site scripting
Cross-site scripting XSS vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2761
Cross-site scripting XSS vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2762
Websense TRITON AP-WEB (before 8.0.0) is affected. The vulnerability allows remote attackers to enumerate Windows domain user accounts via HTTP authentication-related vectors. Root cause is exposure in the AP-WEB authentication flow prior to version 8.0.0. Impact includes potential information di...
CVE-2015-2761
The CVE-2015-2761 entry concerns a Cross-Site Scripting (XSS) vulnerability in the Websense TRITON AP-WEB product (and related TRITON/WEB suites) on the Exceptions and Scanning Exceptions Pages. The underlying issue allows remote attackers to inject arbitrary script/HTML via unspecified vectors, ...
CVE-2015-2762
Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication...
CVE-2015-2748
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorerwse/, which allows remote attackers to obtain sensitive information via a direct request to a 1 Web Security incident report or the 2 Explorer configuration websense.ini file...
Information disclosure
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorerwse/, which allows remote attackers to obtain sensitive information via a direct request to a 1 Web Security incident report or the 2 Explorer configuration websense.ini file...
CVE-2015-2748
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorerwse/, which allows remote attackers to obtain sensitive information via a direct request to a 1 Web Security incident report or the 2 Explorer configuration websense.ini file...
CVE-2015-2703
Multiple cross-site scripting XSS vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the 1 ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or 2...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the 1 ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or 2...
CVE-2014-9711
Multiple cross-site scripting XSS vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary w...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary w...
CVE-2014-9711
Multiple cross-site scripting XSS vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary w...
CVE-2014-9711
Websense TRITON products prior to patching show a documented XSS flaw (CVE-2014-9711) in Investigative Reports. Specifically, versions Websense TRITON AP-WEB before 8.0.0 and Web Security components (Web Security and Filter, Web Security Gateway, Web Security Gateway Anywhere) prior to Hotfix 02 ...