XSS in Imperva Securesphere_web_application_firewall
CVE-2011-0767
Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP reques…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.012 (65.6th percentile) — read the EPSS interpretation.
Affected products
- Imperva Securesphere_web_application_firewall — versions 6.2, 7.0, 7.0.0.7061
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cret@cert.org (x_refsource_MISC)
- cret@cert.org (vdb-entry, x_refsource_XF)
- cret@cert.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
- cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)