DeleGate is an open source proxy server that runs in most Unix and Windows environments. DeleGate is developed and maintained by Yutaka Sato. Reportedly, DeleGate does not sufficiently filter HTML tags, including script code, from URL parameters. It is possible to create a malicious link containing arbitrary script code. When a legitimate user follows the malicious link, the script code will be executed in the user's browser. As a result, it may be possible for a remote attacker to steal cookie-based authentication credentials from a legitimate user. The attacker may then hijack the session of the legitimate user. There may also be a path disclosure issue; however, this has not yet been confirmed.