Search criteria
2 vulnerabilities found for web_security_suite by websense
CVE-2007-6312 (GCVE-0-2007-6312)
Vulnerability from nvd – Published: 2007-12-11 21:00 – Updated: 2024-08-07 16:02
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26793",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26793",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26793"
},
{
"name": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"name": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/",
"refsource": "MISC",
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6312",
"datePublished": "2007-12-11T21:00:00",
"dateReserved": "2007-12-11T00:00:00",
"dateUpdated": "2024-08-07T16:02:36.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6312 (GCVE-0-2007-6312)
Vulnerability from cvelistv5 – Published: 2007-12-11 21:00 – Updated: 2024-08-07 16:02
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26793",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26793",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26793"
},
{
"name": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx",
"refsource": "CONFIRM",
"url": "http://www.websense.com/SupportPortal/SupportKbs/1840.aspx"
},
{
"name": "20071210 Advisory: Websense XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484824/100/0/threaded"
},
{
"name": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/",
"refsource": "MISC",
"url": "http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/"
},
{
"name": "ADV-2007-4158",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4158"
},
{
"name": "1019066",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019066"
},
{
"name": "3432",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3432"
},
{
"name": "28019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28019"
},
{
"name": "websenseenterprise-logon-page-xss(38936)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6312",
"datePublished": "2007-12-11T21:00:00",
"dateReserved": "2007-12-11T00:00:00",
"dateUpdated": "2024-08-07T16:02:36.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}