CVE-2013-5013

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 11 February 2014

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified other vectors.

References

http://osvdb.org/103145

vdb-entryx_refsource_OSVDB

http://osvdb.org/103144

vdb-entryx_refsource_OSVDB

http://osvdb.org/103147

vdb-entryx_refsource_OSVDB

EPSS Score

67% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 11, 2014
Vulnerability Reserved
Jul 29, 2013