CVE-2005-1710

Name of the Vulnerable Software and Affected Versions Blue Coat Reporter versions prior to 7.1.2

Description The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved via the username in an Add User window or the volatile.license to add parameter, which represents the license key, in the Licensing page.

Recommendations For versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Add User window and the Licensing page to minimize the risk of exploitation. Avoid using the volatile.license to add parameter in the Licensing page until the issue is resolved.