CVE-2019-6146 Content Gateway: XSS via Host Header Injection Vulnerability
CVE-2019-6146 XSS via Host Header Injection Vulnerability in the content gateway of forcepoint.com founded by ICSS team member Prasenjit Kanti Paul who is the Co-Founder of Indian Cyber Security Solutions.
It’s an achievement for Indian Cyber Security Solutions. The Exploit details published in the Article by forcepoint.com
This vulnerability has been resolved in Web Security Content Gateway with the release of Forcepoint Web Security v8.5.4. A Web Security hotfix (8.5 HF 11), released on January 20, 2020, resolved this vulnerability.
Read the Article Here.
Check below the Video PoC: