Cross-Site Scripting Vulnerability in Symantec SecurityExpressions Audit and Compliance Server
CVE-2009-3030
Currently unrated
Key Information:
- Vendor
Symantec
- Vendor
- CVE Published:
- 15 October 2009
What is CVE-2009-3030?
A cross-site scripting (XSS) vulnerability exists in Symantec's SecurityExpressions Audit and Compliance Server versions 4.1.1, 4.1, and earlier. This flaw allows remote attackers to inject arbitrary web scripts or HTML content by exploiting error message triggers, leading to potential risks such as session hijacking, data theft, and unauthorized actions on behalf of the user.