Cross-Site Scripting Vulnerabilities in Symantec Web Gateway Management Console
CVE-2014-1652

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 18 June 2014

What is CVE-2014-1652?

The management console of Symantec Web Gateway prior to version 5.2 is susceptible to multiple cross-site scripting (XSS) vulnerabilities. These flaws enable remote authenticated users to inject arbitrary web scripts or HTML through unspecified report parameters. This can potentially lead to unauthorized actions or data disclosures, posing a significant risk to the integrity of the application's security.

References

http://www.securityfocus.com/bid/67755

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1030443

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2014
Vulnerability Reserved
Jan 23, 2014