Hi all, nevisProxy is a Swiss secure reverse proxy with integrated web application firewall (WAF). It acts as a central upstream entry point for web traffic to integrated online applications. nevisProxy controls user access and protects sensitive data, applications, services, and systems from internal and external threats. nevisProxy is a component of AdNovum's security framework Nevis. The security product is prone to a XSS vulnerability in its redirection routine. Details: ----------- http://www.csnc.ch/misc/files/advisories/CSNC-2012-004_Nevis_XSS_within_ 302_Redirections_publicVersion.txt References: ----------- http://www.adnovum.ch/en/products/index.php?page=secprod&subpage=nevis&s ubsubpage=nevisproxy Credits: ----------- Alexandre Herzog <alexandre.herzog@xxxxxxx> (Compass Security Analyst, Switzerland) Switzerland, 14.6.2012 Compass Security AG is a Swiss leading ethical hacking and penetration testing company. (www.csnc.ch) Regards Ivan Buetler
