PT-2001-1726 · Aladdin · Aladdin Esafe Gateway

Published

2001-07-27

Updated

2017-12-19

CVE-2001-0519

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Aladdin eSafe Gateway versions 2.x

Description: The issue allows a remote attacker to bypass HTML SCRIPT filtering by using a specific arrangement of HTML tags, including SCRIPT tags embedded within other SCRIPT tags.

Recommendations: For Aladdin eSafe Gateway versions 2.x, consider disabling the HTML SCRIPT filtering feature temporarily until a patch is available, or apply specific configuration changes to restrict the use of nested SCRIPT tags.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0519

Affected Products

Aladdin Esafe Gateway

PT-2001-1726 · Aladdin · Aladdin Esafe Gateway

CVE-2001-0519

Related Identifiers

Affected Products

References · 4