CVE-2007-6312 Information

Description

Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field.

Reference

http://secunia.com/advisories/28019 http://securityreason.com/securityalert/3432 http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability/ http://www.securityfocus.com/archive/1/484824/100/0/threaded http://www.securityfocus.com/bid/26793 http://www.securitytracker.com/id?1019066 http://www.vupen.com/english/advisories/2007/4158 http://www.websense.com/SupportPortal/SupportKbs/1840.aspx https://exchange.xforce.ibmcloud.com/vulnerabilities/38936