Cross-Site Scripting Vulnerabilities in Symantec Backup Exec 2010 R3 and 2012
CVE-2013-4676

Currently unrated

Key Information:

Vendor

Symantec
Status
Backup Exec
Vendor
CVE Published:
5 August 2013

What is CVE-2013-4676?

Symantec Backup Exec prior to specific service pack updates is susceptible to multiple cross-site scripting (XSS) vulnerabilities. Attackers can exploit these weaknesses to inject arbitrary web scripts or HTML code through various vectors, including custom reports generation, storage devices page, jobs creation page, and server-management pages within the management console. Successful exploitation poses significant risks to data integrity and user interaction.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/95942
vdb-entryx_refsource_OSVDB
http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/61486
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.