Cross-Site Scripting Vulnerability in Symantec Brightmail Gateway Appliance
CVE-2009-0063

Currently unrated

Key Information:

Vendor: Symantec
Status: Brightmail Gateway Appliance
Vendor: CVE Published:; 24 April 2009

Summary

A cross-site scripting (XSS) vulnerability exists in the Control Center of the Symantec Brightmail Gateway Appliance prior to version 8.0.1. This flaw allows remote authenticated users to execute arbitrary web scripts or HTML, potentially compromising confidentiality and integrity. Exploiting this vulnerability could enable attackers to manipulate the user interface and inject malicious content, leading to various forms of cyber threats.

References

http://www.vupen.com/english/advisories/2009/1155

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/34885

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/50074

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 24, 2009
Vulnerability Reserved
Jan 7, 2009