Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters.
https://exchange.xforce.ibmcloud.com/vulnerabilities/6625
http://archives.neohapsis.com/archives/bugtraq/2001-06/0047.html