Vulnerability Description
Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Proxysg Firmware | < 4.2.6.1 |
| Symantec | Proxysg | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27452Third Party Advisory
- http://www.bluecoat.com/support/securityadvisories/advisory_cross-site_scriptingPatchVendor Advisory
- http://www.securitytracker.com/id?1018888Third Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2007/3678Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38213Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/27452Third Party Advisory
- http://www.bluecoat.com/support/securityadvisories/advisory_cross-site_scriptingPatchVendor Advisory
- http://www.securitytracker.com/id?1018888Third Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2007/3678Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38213Third Party AdvisoryVDB Entry
FAQ
What is CVE-2007-5796?
CVE-2007-5796 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modify...
How severe is CVE-2007-5796?
CVE-2007-5796 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5796?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Proxysg Firmware, Symantec Proxysg.