Description
Multiple cross-site scripting (XSS) vulnerabilities in monitor/m_overview.ink in Websense Content Gateway before 7.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) menu or (2) item parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Steven Sim Kok Leong · textremotemultiple
https://www.exploit-db.com/exploits/37671
References (2)
Core 2
Core References
Exploit, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/318779
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50368
Scores
EPSS
0.0159
EPSS Percentile
81.8%
Details
CWE
CWE-79
Status
published
Products (1)
websense/websense_content_content_gateway
< 7.7
Published
Aug 24, 2012
Tracked Since
Feb 18, 2026