A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x before 11.2.6, 10.x before 10.2.17, and controlled release 12.x before 12.0.1 allows a remote malicious user to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trellix skyhigh secure web gateway 12.0.0 |
||
trellix skyhigh secure web gateway |