Description
Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a deny_log manage action.
Affected products
- armorlogic / profense_web_application_firewall2.6.2 – 2.6.2
- armorlogic / profense_web_application_firewall2.6.3 – 2.6.3