XSS Vulnerability in Symantec NetBackup OpsCenter
CVE-2015-6549

Currently unrated

Key Information:

Vendor: Symantec
Status: Netbackup Opscenter
Vendor: CVE Published:; 6 October 2015

Summary

A cross-site scripting (XSS) vulnerability exists in the application console of Symantec NetBackup OpsCenter in versions before 7.7.1. This flaw enables remote authenticated users to inject arbitrary web scripts or HTML through unspecified vectors, potentially compromising user sessions or redirecting users to malicious sites. It is essential for organizations utilizing this software to ensure they are updated to a secure version to prevent exploitation.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033726

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/76896

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 6, 2015
Vulnerability Reserved
Aug 21, 2015