-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2016-092: RSA® Web Threat Detection Cross Site Scripting Vulnerability EMC Identifier: ESA-2016-092 CVE Identifier: CVE-2016-0919 Severity Rating: CVSS v3 Base Score: 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) Affected Products: · RSA Web Threat Detection version 5.0 · RSA Web Threat Detection version 5.1 · RSA Web Threat Detection version 5.1.2 Summary: RSA Web Threat Detection contains fixes for a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. Details: RSA Web Threat Detection is affected by a Stored Cross-Site Scripting vulnerability. Attackers could potentially exploit this vulnerability to execute arbitrary HTML or Javascript code in the user?s browser session in the context of the RSA Web Threat Detection application. Recommendation: The following RSA Web Threat Detection releases contain a resolution to this vulnerability: · RSA Web Threat Detection version 5.0 HF20 · RSA Web Threat Detection version 6.0 RSA recommends all customers upgrade at the earliest opportunity. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYiiFpAAoJEHbcu+fsE81ZQ2sH/i0IiwYdP6bqfWQDQXvzuQOb 9qsKaZlm0oN8cPol43YnuqnGzZDerHtwkF1UWwgISNk1l7226peO0iBieB1humg9 xlBJQpCQtpinQshz4HJVEtfL3xprbq44V8Vyz76mNaEqQz67pYnqlkUH0h0lLLpm fjIXZpAYtRrfBUL1S9qrYfpyuXi1hozlrOIM/JsTWk6iLrd8AEIVChPs4qQucvRY tslePzE2pAfALsVES6rDH6CWdO7+mMC1E2+eL71zk8VQW7q8Il8brrN7zXaFWP4x OVgIsxU2+iP1irpjlZ/vwxtYm4nfvER+QnGGkAYWTJ0DKekNI6EmK90oCdeyBfs= =U3El -----END PGP SIGNATURE-----
