Vulnerability Note VU#114070
NetScreen Instant Virtual Extranet (IVE) platform contains cross-site scripting vulnerability in delhomepage.cgi
NetScreen Instant Virtual Extranet (IVE) platform contains a cross-site scripting vulnerability in the row parameter of delhomepage.cgi, which could allow an attacker to mount a cross-site scripting attack.
According to NetScreen:
A remote attacker could access sensitive information related to the vulnerable web page (cookies, form values, URI data). The attacker could also attempt to mislead the user into providing sensitive information such as login credentials.
NetScreen has provided a patch to address this vulnerability. For details on obtaining the patch corresponding to your currently installed release, please refer to the NetScreen Advisory.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|NetScreen||Affected||-||09 Mar 2004|
CVSS Metrics (Learn More)
This vulnerability was reported by Mark Lachniet.
This document was written by Damon Morda.
- CVE IDs: Unknown
- Date Public: 02 Mar 2004
- Date First Published: 09 Mar 2004
- Date Last Updated: 09 Mar 2004
- Severity Metric: 1.03
- Document Revision: 11
If you have feedback, comments, or additional information about this vulnerability, please send us email.