ExcelTable response splitting cross-site scripting vulnerability in Microsoft Forefront Unified Access GatewayID: oval:org.secpod.oval:def:2550 | Date: (C)2011-10-12 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to ExcelTable response splitting cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle script contained in a specially crafted request. Successful exploitation allows remote attackers to gain privileges and disclose information.
Platform: |
Microsoft Windows Server 2008 R2 |
Product: |
Microsoft Forefront Unified Access Gateway 2010 |