XSS Vulnerability in Symantec Gateway Security Management Service
CVE-2004-0192

Currently unrated

Key Information:

Vendor

Symantec
Status
Gateway Security 5400
Vendor
CVE Published:
15 March 2004

What is CVE-2004-0192?

The Management Service of Symantec Gateway Security 2.0 is susceptible to a cross-site scripting (XSS) vulnerability, which can be exploited by remote attackers. By crafting a malicious URL that targets the /sgmi endpoint, attackers can execute scripts that steal cookies and hijack user management sessions. This exploit leverages the lack of proper input validation in error page rendering, leading to serious security implications for session integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/9755
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/15330
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=107790684732458&w=2
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.