Home / os

Secure Web Gateway 10.2.11 Cross Site Scripting

Posted on 26 January 2023

Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk arises from JavaScript code allowing for cross site scripting.

 

TOP