CVE-2008-1463

Cross-site scripting (XSS) vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere, which triggers injection into the "corrective action" section of an alert page.

Published: Mar 24, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1463
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
imperva / securesphere_mx_management_server	5.0	5.0.x
imperva / securesphere	5.0	5.0.x
imperva / securesphere_mx_management_server	5	5.x

http://imperva.com/go/secadv/20080318
http://secunia.com/advisories/29439
http://www.securityfocus.com/bid/28279
https://exchange.xforce.ibmcloud.com/vulnerabilities/41359

Vulnerability Database

CVE-2008-1463