CVE-2008-1463

Name of the Vulnerable Software and Affected Versions Imperva SecureSphere MX Management Server version 5.0

Description A cross-site scripting (XSS) issue exists in the management GUI, allowing remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere. This triggers injection into the corrective action section of an alert page.

Recommendations For Imperva SecureSphere MX Management Server version 5.0, consider disabling access to the management GUI until a fix is available to prevent potential exploitation of the XSS issue. Restrict access to the web server protected by SecureSphere to minimize the risk of arbitrary web script or HTML injection.