AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2014-9711: Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0

infovulnerability

security

Source: NVD/CVE DatabaseMarch 25, 2015CVE-2014-9711

Summary

Websense TRITON AP-WEB and related security products contained multiple XSS vulnerabilities (cross-site scripting, where attackers inject malicious code into web pages seen by other users) in their reporting features. Attackers could exploit these vulnerabilities by inserting harmful scripts through specific parameters in the report scheduler and summary report pages.

Solution / Mitigation

Update to Websense TRITON AP-WEB version 8.0.0 or later, or apply Hotfix 02 for version 7.8.3 and Hotfix 01 for version 7.8.4 of Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.8%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2014-9711

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%