RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Mar/60 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1040577 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-03-30 21:29
Updated : 2024-02-04 19:46
NVD link : CVE-2018-1233
Mitre link : CVE-2018-1233
CVE.ORG link : CVE-2018-1233
JSON object : View
Products Affected
rsa
- authentication_agent_for_web
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')