Cross-Site Scripting Vulnerabilities in Symantec Web Gateway
CVE-2013-4670

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway; Web Gateway Appliance 8450; Web Gateway Appliance 8490
Vendor: CVE Published:; 1 August 2013

What is CVE-2013-4670?

Multiple cross-site scripting (XSS) vulnerabilities exist within the management console of Symantec Web Gateway prior to version 5.1.1. These vulnerabilities enable remote attackers to inject and execute arbitrary web scripts or HTML on affected systems, potentially compromising sensitive data and system integrity. Exploitation of this vulnerability may occur via unspecified vectors that allow the execution of malicious scripts.

References

http://osvdb.org/95690

vdb-entryx_refsource_OSVDB

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://osvdb.org/95692

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2013
Vulnerability Reserved
Jun 24, 2013