VULHUB ™

A cross-site scripting vulnerability has been reported for Microsoft ISA Server. The vulnerability exists due to insufficient sanitization of certain HTTP header fields. Successful exploitation could permit a malicious attacker to cause the execution of hostile HTML and script code in the web client of a user who visits the malicious link. Exploitation could allow for attacks that steal cookie-based authentication credentials.

A cross-site scripting vulnerability has been reported for Microsoft ISA Server. The vulnerability exists due to insufficient sanitization of certain HTTP header fields. Successful exploitation could permit a malicious attacker to cause the execution of hostile HTML and script code in the web client of a user who visits the malicious link. Exploitation could allow for attacks that steal cookie-based authentication credentials.