header-logo
Suggest Exploit
vendor:
eSafe Gateway
by:
SecurityFocus
7.5
CVSS
HIGH
Bypass Script Filtering
94
CWE
Product Name: eSafe Gateway
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

eSafe Gateway Script Filtering Bypass Vulnerability

eSafe Gateway is a security utility used for filtering internet content. An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply encoding the <SCRIPT> tag in Unicode format, such that the filter ignores the call to execute the script.

Mitigation:

Ensure that the eSafe Gateway is configured to properly filter HTML content.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2801/info

eSafe Gateway is a security utility used for filtering internet content.

An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply encoding the <SCRIPT> tag in Unicode format, such that the filter ignores the call to execute the script. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20891.zip

Navigation

Suggest Exploit

Services By CQR