Cross-Site Scripting Vulnerability in Microsoft Forefront Unified Access Gateway
CVE-2010-2733

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Unified Access Gateway
Vendor: CVE Published:; 10 November 2010

Summary

A cross-site scripting (XSS) vulnerability exists in the Web Monitor component of Microsoft Forefront Unified Access Gateway, which could allow remote attackers to inject arbitrary web scripts or HTML into the affected product. This exploitation may lead to user sessions being compromised or user data being exposed, as attackers can leverage this vulnerability to execute malicious scripts in the context of a web user's session.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA10-313A.html

third-party-advisoryx_refsource_CERT

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 10, 2010
Vulnerability Reserved
Jul 14, 2010