Security Portal

Intrusion Prevention Service

 
Signature Version: 4.982

 



WEB Cross-site Scripting -36
 
Threat Level: High
Release Date: 2017/2/3
 
Category: Access Control
Signature ID: 1133451
Included In:
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device
 
Description: Successful cross-site scripting attacks generally target the users of your web site. Attackers can gain access to your users' cookies or session IDs, allowing them to impersonate users. They could also set up elaborate fake logon screens to steal user names and passwords.
 
Impact: Remote code execution
Recommendation: Validate all input in web application
 
False Positive: Slightly
False Negative: None
 
Additional Information (Links open in new window):
Reference(s): CVE-2011-2133; CVE-2014-4116
 

Search the Threat Database
Enter Rule ID or Name