The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:11
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850 - Vendor Advisory |
Information
Published : 2012-08-23 10:32
Updated : 2024-11-21 01:11
NVD link : CVE-2009-5120
Mitre link : CVE-2009-5120
CVE.ORG link : CVE-2009-5120
JSON object : View
Products Affected
websense
- websense_web_filter
- websense_web_security
CWE
CWE-16
Configuration