Vulnerability Description
Cross-site scripting (XSS) vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere, which triggers injection into the "corrective action" section of an alert page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Imperva | Securesphere | 5.0 |
| Imperva | Securesphere Mx Management Server | 5 |
Related Weaknesses (CWE)
References
- http://imperva.com/go/secadv/20080318
- http://secunia.com/advisories/29439Vendor Advisory
- http://www.securityfocus.com/bid/28279Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41359
- http://imperva.com/go/secadv/20080318
- http://secunia.com/advisories/29439Vendor Advisory
- http://www.securityfocus.com/bid/28279Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41359
FAQ
What is CVE-2008-1463?
CVE-2008-1463 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibi...
How severe is CVE-2008-1463?
CVE-2008-1463 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1463?
Check the references section above for vendor advisories and patch information. Affected products include: Imperva Securesphere, Imperva Securesphere Mx Management Server.