AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2015-2747: Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Webs

infovulnerability

security

Source: NVD/CVE DatabaseMarch 26, 2015CVE-2015-2747

Summary

CVE-2015-2747 is a cross-site scripting (XSS) vulnerability (a type of attack where an attacker injects malicious code into a webpage that runs in users' browsers) in Websense Triton 7.8.3 and V-Series 7.7 appliances' data loss prevention (DLP, a security tool that prevents sensitive data from leaving an organization) feature. Remote attackers can exploit this by sending crafted emails or HTTP requests to inject arbitrary web scripts or HTML code.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.3%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2747

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%