Cross-Site Scripting Vulnerability in Symantec Critical System Protection Management Console
CVE-2014-9224
Currently unrated
What is CVE-2014-9224?
A Cross-site scripting (XSS) vulnerability exists in the ajaxswing web user interface components of the Management Console server within Symantec Critical System Protection and Symantec Data Center Security: Server Advanced. This flaw allows remote authenticated users to inject arbitrary HTML or web scripts via various unspecified vectors, potentially compromising the security integrity of the web application environment.