CVE-2008-1208 – Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2008-1208

Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de entrada de usuarios de Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámentro useCheck Point VPN-1 UTM r (usuario). • https://www.exploit-db.com/exploits/31340 http://secunia.com/advisories/29243 http://www.louhi.fi/advisory/checkpoint_080306.txt http://www.securityfocus.com/archive/1/489203/100/0/threaded http://www.securityfocus.com/bid/28116 http://www.securitytracker.com/id?1019554 http://www.vupen.com/english/advisories/2008/0788 https://exchange.xforce.ibmcloud.com/vulnerabilities/41032 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk34520 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •