CVE-2007-3830

Name of the Vulnerable Software and Affected Versions: ISS Proventia Network IPS versions 1.3 through 1.3 (for GX5108) ISS Proventia Network IPS versions 1.5 through 1.5 (for GX5008)

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the reminder parameter in the alert.php file.

Recommendations: For ISS Proventia Network IPS version 1.3, update to a version that fixes this issue. For ISS Proventia Network IPS version 1.5, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the alert.php file until a patch is available. Avoid using the reminder parameter in the affected endpoint until the issue is resolved.