Dear Shaked Vax,
Are you sure Radware Team have analysed reflected attack via user's
browser (AppWall administrator visits malcrafted page, page redirects
his request to AppWall) before excluding remote vector?
--Thursday, July 2, 2009, 3:23:16 PM, you wrote to
Radware team has completed analysis of the reported issue, concluding
that no AppWall customer using the product according to Radware
deployment recommendations would be exposed to vulnerability as a result
of this issue. This is due to the facts that this issue exists only on
the management
Security Advisory
---
Vulnerable Software: radware AppWall Web Application Firewall
Vulnerable Version:Gateway Version 4.6.0.2 / AppWall Version
1.0.2.6
Homepage:http://www.radware.com/
Found by: