CVE-2014-2844
CVE-2014-2844 describes a reflected XSS in F-Secure Messaging Secure Gateway 7.5.0 prior to patch 1862. The issue results from the SysUser module’s new parameter allowing an authenticated admin to inject arbitrary web script/HTML when processing input, enabling potential cookie access or session ...