Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote malicious users to execute arbitrary Javascript on other clients via a URL that generates an error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
delegate delegate 7.7.0 |
||
delegate delegate 7.7.1 |
||
delegate delegate 7.8.0 |
||
delegate delegate 7.8.1 |