Vulners
Lucene search
SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/5928/info
SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities.
The web-based admin interface is prone to cross-site scripting attacks.
It is possible to create a link containing malicious HTML and script code to certain pages in the interface. When this link is visited by a web user, the attacker-supplied script code will execute in user's web client in the security context of the web interface.
This may potentially be exploited to steal cookie-based authentication credentials from legitimate users of the interface.
http://www.example.com/web/msgError.asp?Redirect=loginhtm&Reason=<script>alert(document.cookie);</script>
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1