Detections
Analytics

CVE-2007-5796

medium

Description

Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/38213

http://www.vupen.com/english/advisories/2007/3678

http://www.securitytracker.com/id?1018888

http://secunia.com/advisories/27452

http://www.bluecoat.com/support/securityadvisories/advisory_cross-site_scripting_vulnerability

Details

Source: Mitre, NVD

Published: 2007-11-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00395