Cross-Site Scripting Vulnerability in Microsoft Forefront Unified Access Gateway
CVE-2011-1896

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Unified Access Gateway
Vendor: CVE Published:; 12 October 2011

Summary

The Cross-Site Scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway allows attackers to inject arbitrary web scripts or HTML into web applications. This flaw can be exploited via unspecified vectors, potentially leading to unauthorized actions on behalf of users browsing these sites. It is crucial for organizations using the affected versions of Forefront UAG to implement the recommended updates provided by Microsoft to mitigate this security risk.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://osvdb.org/76233

vdb-entryx_refsource_OSVDB

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 12, 2011
Vulnerability Reserved
May 4, 2011