CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0214

A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 90.0%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2023-0214

Trellix » Skyhigh Secure Web Gateway » Version: 10.0.0

cpe:2.3:a:trellix:skyhigh_secure_web_gateway:10.0.0
Trellix » Skyhigh Secure Web Gateway » Version: 10.2.16

cpe:2.3:a:trellix:skyhigh_secure_web_gateway:10.2.16
Trellix » Skyhigh Secure Web Gateway » Version: 11.0.0

cpe:2.3:a:trellix:skyhigh_secure_web_gateway:11.0.0
Trellix » Skyhigh Secure Web Gateway » Version: 11.2.5

cpe:2.3:a:trellix:skyhigh_secure_web_gateway:11.2.5
Trellix » Skyhigh Secure Web Gateway » Version: 12.0.0

cpe:2.3:a:trellix:skyhigh_secure_web_gateway:12.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0214

Products

Pricing

Contact Us