CVE-2013-4674

Currently unrated

Key Information:

Vendor: Symantec
Status: Encryption Management Server; Pgp Universal Server
Vendor: CVE Published:; 31 July 2013

Summary

Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) before 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-mail attachment.

References

http://www.securityfocus.com/bid/61290

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/85902

vdb-entryx_refsource_XF

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 31, 2013
Vulnerability Reserved
Jun 24, 2013