Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1202

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1202
Last Modified 10 Sep 2008 03:09:53
Published 28 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1202

Summary

Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.

Vulnerable Systems

Application

  • Delegate 7.7.0

  • Delegate 7.7.1

  • Delegate 7.8.0

  • Delegate 7.8.1


References

XF - delegate-proxy-css(7745)

BUGTRAQ - 20011228 DeleGate Cross Site Scripting Vulnerability

BID - 3749


Last Updated: 27 May 2016 10:36:34