漏洞标题
N/A
漏洞描述信息
在网页生成过程中('跨站脚本')输入错误在Forcepoint Cloud Security Gateway (CSG) Web Cloud Security Gateway、Email Security Cloud(登录表单.mhtml模块)、Forcepoint Hybrid Web Security Portal(登录表单.mhtml模块)上允许Reflected XSS。此问题影响云安全 Gateway (CSG):2023年3月29日之前;Web安全:2023年3月29日之前。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_form.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_form.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Forcepoint Cloud Security Gateway 跨站脚本漏洞
漏洞描述信息
Forcepoint Cloud Security Gateway是Forcepoint公司的一种融合云安全服务。 Forcepoint Cloud Security Gateway存在安全漏洞。攻击者利用该漏洞执行反射型跨站脚本 (XSS) 攻击。
CVSS信息
N/A
漏洞类别
跨站脚本