Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced prior to 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote malicious users to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sonicwall sonicos_enhanced |