CVE-2007-6312

https://notcve.org/view.php?id=CVE-2007-6312

Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field. Vulnerabilidad de secuencia de comandos en sitios cruzaods (XSS) en la página de entrada en el portal Web Reporting Tools en Websense Enterprise y Web Security Suite 6.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del campo username. • http://secunia.com/advisories/28019 http://securityreason.com/securityalert/3432 http://www.liquidmatrix.org/blog/2007/12/10/advisory-websense-xss-vulnerability http://www.securityfocus.com/archive/1/484824/100/0/threaded http://www.securityfocus.com/bid/26793 http://www.securitytracker.com/id?1019066 http://www.vupen.com/english/advisories/2007/4158 http://www.websense.com/SupportPortal/SupportKbs/1840.aspx https://exchange.xforce.ibmcloud.com/vulnerabilities/38936 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •