Cross-Site Scripting Vulnerability in Symantec SecurityExpressions Audit and Compliance Server
CVE-2009-3030

Currently unrated

Key Information:

Vendor

Symantec
Status
Securityexpressions Audit And Compliance Server
Vendor
CVE Published:
15 October 2009

What is CVE-2009-3030?

A cross-site scripting (XSS) vulnerability exists in Symantec's SecurityExpressions Audit and Compliance Server versions 4.1.1, 4.1, and earlier. This flaw allows remote attackers to inject arbitrary web scripts or HTML content by exploiting error message triggers, leading to potential risks such as session hijacking, data theft, and unauthorized actions on behalf of the user.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/2849
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/36972
third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/58650
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.