AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2015-2768: Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows rem

infovulnerability

security

Source: NVD/CVE DatabaseMarch 27, 2015CVE-2015-2768

Summary

A cross-site scripting vulnerability (XSS, a weakness where attackers inject malicious code into web pages) was found in Websense TRITON AP-EMAIL versions before 8.0.0 and V-Series 7.7 appliances, allowing remote attackers to inject arbitrary web scripts or HTML through unspecified entry points. The vulnerability has a CVSS score (a 0-10 rating of how severe a security flaw is) of 4.0.

Solution / Mitigation

Update to Websense TRITON AP-EMAIL Version 8.0.0 or later. (The source references a Websense support article about 'Vulnerabilities resolved in TRITON APX Version 8.0'.)

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.3%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2768

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%