CVE-2007-5796

Sažetak

Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists.

Reference

http://secunia.com/advisories/27452
http://www.bluecoat.com/support/securityadvisories/advisory_cross-site_scripting_vulnerability
http://www.securitytracker.com/id?1018888
http://www.vupen.com/english/advisories/2007/3678
https://exchange.xforce.ibmcloud.com/vulnerabilities/38213

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

26-10-2018 - 14:17

Objavljeno

03-11-2007 - 00:46