vendor:
NSA 4500
by:
Unknown
N/A
CVSS
N/A
HTML-injection and session-hijacking
Unknown
CWE
Product Name: NSA 4500
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE:
CPE: Unknown
Platforms Tested: Unknown
Unknown
SonicWall NSA 4500 HTML-injection and Session-hijacking Vulnerabilities
Exploiting these issues can allow an attacker to hijack a user's session and gain unauthorized access to the affected application, or run malicious HTML or JavaScript code, potentially allowing the attacker to steal cookie-based authentication credentials, and control how the site is rendered to the user; other attacks are also possible.
Mitigation:
Unknown