Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a 403 Forbidden error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Delegate | Delegate | 7.7.0 | 7.7.0 |
Delegate | Delegate | 7.7.1 | 7.7.1 |
Delegate | Delegate | 7.8.0 | 7.8.0 |
Delegate | Delegate | 7.8.1 | 7.8.1 |