Cross-Site Scripting Vulnerability in Check Point Connectra NGX R62
CVE-2008-5994

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Connectra Ngx
Vendor: CVE Published:; 28 January 2009

Summary

The Cross-Site Scripting vulnerability in index.php of Check Point Connectra NGX R62 HFA_01 allows unauthorized remote attackers to execute arbitrary scripts or HTML code by manipulating the dir parameter. This flaw may enable the execution of harmful scripts in the context of the user's session, potentially leading to further exploitation of the affected application and unauthorized data access.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45385

vdb-entryx_refsource_XF

http://secunia.com/advisories/31553

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/31369

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jan 28, 2009
Vulnerability Reserved
Jan 28, 2009