Cross-Site Scripting Vulnerability in Blue Coat ProxySG Management Console
CVE-2007-5796

Currently unrated

Key Information:

Vendor: Symantec
Status: Proxysg Firmware
Vendor: CVE Published:; 3 November 2007

Summary

The Blue Coat ProxySG management console is vulnerable to a Cross-Site Scripting (XSS) attack that allows remote attackers to inject arbitrary web scripts or HTML. This vulnerability arises from the improper handling of URLs used to load Certificate Revocation Lists, enabling attackers to modify these URLs and execute malicious code within the context of a user's session.

References

http://www.bluecoat.com/support/securityadvisories/adviso...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/38213

vdb-entryx_refsource_XF

http://secunia.com/advisories/27452

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Nov 3, 2007
Vulnerability Reserved
Nov 2, 2007