Han Sahin, September 2014
Users of Websense Data Security who are reviewing DLP incidents can be
attacked via Cross-Site Scripting. This issue can be exploited using a
specially crafted email, or by sending a specially crafted HTTP request
through the Websense proxy. The attacker-supplied code can perform a
wide variety of attacks, such as stealing session tokens or login
credentials, performing arbitrary actions as victims, or logging
victims' keystrokes.
This issue was discovered on Websense Triton v7.8.3 and Websense
appliance modules V-Series v7.7. Other versions may be affected as well.
Websense created a workaround to address this issue: System -> Reporting
-> Secure forensics with plain-text.
A permanent fix will be included in Websense TRITON APX version 8.1,
scheduled to be released in August 2015.
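
The effect of a plain-text forensics setting, sketched as an added example (not Websense code and not part of the original advisory): a hypothetical incident viewer renders captured fields either raw or HTML-encoded. The function names, field names and sample incidents are constructed for illustration.

```javascript
'use strict';

// Encode the five characters that let text break out of HTML element
// content or a quoted attribute value.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hypothetical forensics view for one DLP incident. Every value comes from
// captured traffic (an email or a proxied HTTP request), so all of it is
// attacker-controlled. plainText=false models the vulnerable behaviour.
function renderForensics(incident, plainText) {
  const enc = plainText ? escapeHtml : (s) => String(s);
  const rows = Object.entries(incident.fields).map(
    ([name, value]) => `<tr><th>${escapeHtml(name)}</th><td>${enc(value)}</td></tr>`
  );
  return `<table class="forensics">${rows.join('')}</table>`;
}

// Constructed sample incidents, one per delivery channel named in the advisory.
const emailIncident = {
  channel: 'email',
  fields: {
    Subject: 'Q3 figures <script>/* constructed marker */</script>',
    Body: 'See attachment.',
  },
};
const httpIncident = {
  channel: 'http',
  fields: {
    URL: 'http://example.test/upload?name="><img src=x onerror=void(0)>',
  },
};

// True when captured content survives into the page as live markup.
function hasLiveMarkup(html) {
  return /<script\b|<img\b[^>]*\bonerror=/i.test(html);
}

for (const inc of [emailIncident, httpIncident]) {
  console.log(inc.channel, 'raw:', hasLiveMarkup(renderForensics(inc, false)),
    'plain-text:', hasLiveMarkup(renderForensics(inc, true)));
}
```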