CVE-2010-0703
PortWise SSL VPN 4.6 - Cross-Site Scripting via wa/auth reloadFrame Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-0703. PoCs published by George Christopoulos.
AI-analyzed exploit summary The exploit demonstrates a reflected XSS vulnerability in PortWise SSL VPN by injecting malicious JavaScript via the 'reloadFrame' parameter. The PoC URL triggers an alert with the victim's cookies, confirming the vulnerability.
Description
Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter.
Exploits (1)
The exploit demonstrates a reflected XSS vulnerability in PortWise SSL VPN by injecting malicious JavaScript via the 'reloadFrame' parameter. The PoC URL triggers an alert with the victim's cookies, confirming the vulnerability.