Cross-Site Scripting Vulnerability in Microsoft Forefront Unified Access Gateway
CVE-2010-2734

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Unified Access Gateway
Vendor: CVE Published:; 10 November 2010

Summary

A cross-site scripting vulnerability exists in the mobile portal of Microsoft Forefront Unified Access Gateway. This flaw allows remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. If exploited, this vulnerability could enable unauthorized access and manipulation of user sessions, potentially compromising sensitive data and affecting overall application integrity.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA10-313A.html

third-party-advisoryx_refsource_CERT

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 10, 2010
Vulnerability Reserved
Jul 14, 2010