Cross.Site.Scripting

Release Date

Oct 22, 2009

Severity

low

Impact

Remote attackers can execute arbitrary code or gain sensitive information.

Description

This indicates a potential cross-site scripting attack.

Cross-site scripting (XSS) is a common web security issue. If a web application does not properly validate input from one user and then includes it in the output sent to other users, attackers can exploit this to deliver malicious code to those users.

Affected Products

All web application environments are susceptible to cross-site scripting.

Recommended Actions

Review the web application's code and check every place where user input could become part of the output for other users.

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2010-4828
CVE-2011-2938
CVE-2011-3390
CVE-2007-6316
CVE-2011-2179
CVE-2011-0961
CVE-2011-0959
CVE-2011-1772
CVE-2008-4393
CVE-2008-4918
CVE-2008-3305
CVE-2008-3726
CVE-2007-1355
CVE-2008-2165
CVE-2010-3266
CVE-2010-2370
CVE-2009-1524
CVE-2011-3010
CVE-2011-0508
CVE-2011-4340

Reference: VID-17702