CVE-2008-1037

Name of the Vulnerable Software and Affected Versions Packeteer PacketShaper and PolicyCenter version 8.2.2

Description A cross-site scripting (XSS) issue exists in the file listing function of the web management interface, allowing remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component. This triggers injection into an Error Report page.

Recommendations For version 8.2.2, consider restricting access to the file listing function in the web management interface until a fix is available. As a temporary workaround, avoid using the FILELIST parameter in the affected component to minimize the risk of exploitation.