[<prev] [next>] [day] [month] [year] [list]
Message-ID: <5509B3A5.3030304@securify.nl>
Date: Wed, 18 Mar 2015 18:19:33 +0100
From: "Securify B.V." <lists@...urify.nl>
To: fulldisclosure@...lists.org
Subject: [FD] Websense Data Security DLP incident Forensics Preview is
vulnerable to Cross-Site Scripting
------------------------------------------------------------------------
Websense Data Security DLP incident Forensics Preview is vulnerable to
Cross-Site Scripting
------------------------------------------------------------------------
Han Sahin, September 2014
------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Users of Websense Data Security that are reviewing DLP incidents can be
attacked via Cross-Site Scripting. This issue can be exploited using a
specially crafted email, or by sending a specially crafted HTTP request
through the Websense proxy. The attacker-supplied code can perform a
wide variety of attacks, such as stealing session tokens, login
credentials, performing arbitrary actions as victims, or logging
victims' keystrokes.
------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was discovered on Websense Triton v7.8.3 and Websense
appliance modules V-Series v7.7. Other versions may be affected as well.
------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Websense created a workaround to address this issue. System -> Reporting
-> Secure forensics with plain-text
A permanent fix will be included in Websense TRITON APX version 8.1,
scheduled to be release in August, 2015.
------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20140904/websense_data_security_dlp_incident_forensics_preview_is_vulnerable_to_cross_site_scripting.html
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists