Reflected XSS Vulnerability in Symantec ProxySG Management Console
CVE-2016-10256
6.1MEDIUM
What is CVE-2016-10256?
The management console of Symantec ProxySG versions 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) is affected by a reflected XSS vulnerability. This issue allows a remote attacker to craft a malicious URL that can inject arbitrary JavaScript code into the management console web client. Exploitation of this vulnerability could enable attackers to execute scripts in the context of the user's session, potentially compromising sensitive information or performing unauthorized actions within the management console.
Affected Version(s)
ProxySG 6.5 prior to 6.5.10.6
ProxySG 6.6
ProxySG 6.7 prior to 6.7.2.1