Cross-Site Scripting Vulnerability in Symantec Messaging Gateway Management Console
CVE-2014-1648

Currently unrated

Key Information:

Vendor

Symantec
Status
Messaging Gateway
Vendor
CVE Published:
23 April 2014

What is CVE-2014-1648?

A Cross-Site Scripting (XSS) vulnerability exists in the management console of Symantec Messaging Gateway versions earlier than 10.5.2. This security flaw allows remote attackers to inject arbitrary web scripts or HTML via the 'displayTab' parameter, potentially compromising the security of the application and its users. Exploiting this vulnerability could lead to unauthorized actions being executed in the context of the affected user, making the system susceptible to further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/66966
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1030136
vdb-entryx_refsource_SECTRACK
http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.