CVE-2008-1168
EPSS 0.79%Published: 3/5/2008Modified: 4/28/2026
Description
Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected packages (1)
- Debian/sargfrom 0, < 2.2.5-1