Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSymantecCVELIST:CVE-2018-12246
HistoryOct 16, 2018 - 12:00 a.m.

CVE-2018-12246

2018-10-1600:00:00
symantec
www.cve.org

0.002 Low

EPSS

Percentile

55.1%

JSON

Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website’s rendered copy running inside the end user’s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.

CNA Affected

[
  {
    "product": "Symantec Web Isolation",
    "vendor": "Symantec Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.11 prior to 1.11.21"
      }
    ]
  }
]

Related

cve 1
nvd 1
jvn 1
symantec 1
prion 1
cve
cve
CVE-2018-12246
2018-10-22 19:29:00
nvd
nvd
CVE-2018-12246
2018-10-22 19:29:00
jvn
jvn
JVN#58005743: Web Isolation vulnerable to cross-site scripting
2018-10-19 00:00:00
symantec
symantec
Reflected XSS Vulnerability in Web Isolation
2018-10-16 08:01:01
prion
prion
Cross site scripting
2018-10-22 19:29:00

0.002 Low

EPSS

Percentile

55.1%

JSON
Related for CVELIST:CVE-2018-12246
cve1nvd1jvn1symantec1prion1