PT-2014-2180 · Imperva · Imperva SecureSphere Web Application Firewall

Published: 2014-09-11 · Updated: 2017-08-29 · CVE-2011-4887

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Imperva SecureSphere Web Application Firewall (WAF) version 9.0

Description

A cross-site scripting (XSS) issue exists in the Violations Table of the management GUI in the MX Management Server, allowing remote attackers to inject arbitrary web script or HTML via the username field.

Recommendations

For version 9.0, consider restricting access to the management GUI to minimize the risk of exploitation until a fix is available. Avoid using the username field in the Violations Table until the issue is resolved.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2011-4887

Affected Products

Imperva SecureSphere Web Application Firewall