Cross-Site Scripting Vulnerabilities in Symantec Security Information Manager
CVE-2013-1614

Currently unrated

Key Information:

Vendor: Symantec
Status: Security Information Manager; Security Information Manager Appliance
Vendor: CVE Published:; 8 July 2013

What is CVE-2013-1614?

Multiple cross-site scripting vulnerabilities exist in the management console of the Symantec Security Information Manager appliance versions 4.7.x and 4.8.x prior to 4.8.1. These vulnerabilities may allow remote attackers to inject arbitrary web scripts or HTML content through unspecified vectors, potentially compromising the integrity and confidentiality of the application. Users of affected versions should seek to update to the latest version to mitigate these risks.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/60797

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 8, 2013