The exploit demonstrates multiple vulnerabilities in Websense Triton, including remote command execution (RCE) via command injection in `ws_irpt.exe`, HTML injection in `favorites.exe`, and cross-site scripting (XSS) in `detail.exe`. The PoC provides example URIs with payloads for each vulnerability.
Classification
Working Poc 90%
Attack Type
Rce | Xss | Other
Complexity
Trivial
Reliability
Reliable
Target:Websense Triton
No auth needed
Prerequisites:Network access to the Websense Triton interface