CVE-2008-1463

Cross-site scripting (XSS) vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere, which triggers injection into the "corrective action" section of an alert page.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
impervasecuresphere
5.0
impervasecuresphere_mx_management_server
5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://imperva.com/go/secadv/20080318
http://secunia.com/advisories/29439
http://www.securityfocus.com/bid/28279
https://exchange.xforce.ibmcloud.com/vulnerabilities/41359
http://imperva.com/go/secadv/20080318
http://secunia.com/advisories/29439
http://www.securityfocus.com/bid/28279
https://exchange.xforce.ibmcloud.com/vulnerabilities/41359