A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10393 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trellix
Published: 2023-01-18T10:49:16.055Z
Updated:
Reserved: 2023-01-11T11:16:42.326Z
Link: CVE-2023-0214
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-18T11:15:10.450
Modified: 2023-11-07T03:59:51.737
Link: CVE-2023-0214
JSON object: View
Redhat Information
No data.
CWE