Security Advisory

CVE-2009-1593

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-05-21 14:00:00

Last updated 2024-08-07 05:20:33

Assigner mitre

State PUBLISHED

Description

Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element.

← Browse all CVEs View on cve.org ↗