MidnightBSD

Advisories for vadesecure

CVE-2023-29712

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter.

Products Affected

Vendor Product Version
vadesecure secure_gateway *
CVE-2023-29713

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory.

Products Affected

Vendor Product Version
vadesecure secure_gateway *
CVE-2023-29714

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter.

Products Affected

Vendor Product Version
vadesecure secure_gateway *