Schweregrad: : Medium
  Identificador(es) CVE: : CVE-2011-1897,MS11-079
  Data do informe: 21 julho 2015

  Descrição

Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vulnerability."

  Exposição das informações

Please apply DPI Rule 'Generic Cross Site Scripting(XSS) Prevention' and add the port of Microsoft Forefront Unified Access Gateway (UAG) server (Default 50002/TCP) in the Application Type 'Web Application Common' .

  Solução

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  Software infectado e versão:

  • microsoft forefront_unified_access_gateway 2010