Security Portal

Intrusion Prevention Service

Signature Version: 4.982


WEB Cross-site Scripting -36
Threat Level: High
Release Date: 2017/2/3
Category: Access Control
Signature ID: 1133451
Included In:
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device
Description: Successful cross-site scripting attacks generally target the users of your web site. Attackers can gain access to your users' cookies or session IDs, allowing them to impersonate users. They could also set up elaborate fake logon screens to steal user names and passwords.
Impact: Remote code execution
Recommendation: Validate all input in web application
False Positive: Slightly
False Negative: None
Additional Information (Links open in new window):
Reference(s): CVE-2011-2133; CVE-2014-4116

Search the Threat Database
Enter Rule ID or Name