CVE-2015-2703: Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances a
infovulnerability
security
Summary
Websense TRITON AP-WEB appliances (versions before 8.0.0) and V-Series 7.7 contain multiple XSS vulnerabilities (cross-site scripting, where attackers inject malicious code into web pages). Attackers can exploit these by injecting harmful scripts through specific parameters in the Data Security block page and Content Gateway, which the system fails to properly filter before displaying in error messages.
Solution / Mitigation
Upgrade Websense TRITON APX to Version 8.0 or later, as stated in the vendor advisory: 'Vulnerabilities resolved in TRITON APX Version 8.0'.
Vulnerability Details
CVSS Score
4.3
EPSS (30-day exploit probability)
EPSS: 0.5%
Classification
Attack SophisticationTrivial
Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2703
First tracked: February 15, 2026 at 08:45 PM
Classified by LLM (prompt v3) · confidence: 95%