Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file.
2011-12-17T03:54:45.743
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | 7t | igss | 7 | Yes |
| Application | safenet-inc | sentinel_hasp_run-time | ≤ 5.95 | Yes |
| Application | safenet-inc | sentinel_hasp_sdk | ≤ 5.10 | Yes |
| Application | mozilla | firefox | 2.0 | No |