XSS in Signurl.asp Vulnerability

  Severity: MEDIUM
  CVE Identifier: CVE-2010-2736,ms10-089
  Advisory Date: JUL 21, 2015

  DESCRIPTION

A cross-site scripting (XSS) vulnerability exists in Forefront Unified Access Gateway (UAG) that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the UAG server in the context of the targeted user.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Windows

Featured Stories