Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
Max CVSS
7.5
EPSS Score
3.12%
Published
2001-12-28
Updated
2016-10-18
1 vulnerabilities found