CGI.Referer.XSS
Description
This threat sends a crafted HTTP Request with the referrer field containing a double quote ". This double quote is escaped in C fashion when displayed on a page, allowing an event handle to be created inside of the hyperlink.
Affected Products
Any HTP server.
Impact
Cross site scripting.
Recommended Actions
N/A
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |