Multiple Cross-Site Scripting Vulnerabilities in Symantec Web Gateway
CVE-2013-5013

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 11 February 2014

Summary

The Symantec Web Gateway appliance before version 5.2 contains multiple cross-site scripting (XSS) vulnerabilities, which can be exploited by remote attackers. These vulnerabilities allow an attacker to inject arbitrary web scripts or HTML through vectors related to PHP scripts and other unspecified vectors, potentially leading to unauthorized actions and exposure of sensitive information.

References

http://osvdb.org/103145

vdb-entryx_refsource_OSVDB

http://osvdb.org/103144

vdb-entryx_refsource_OSVDB

http://osvdb.org/103147

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Feb 11, 2014
Vulnerability Reserved
Jul 29, 2013