Cross site scripting

2018-04-1114:29:00

PRIOn knowledge base

www.prio-n.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.1%

JSON

Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.

CPENameOperatorVersion
advanced_secure_gatewayge6.6
advanced_secure_gatewaylt6.6.5.14
advanced_secure_gatewayge6.7.4
advanced_secure_gatewaylt6.7.4.107
advanced_secure_gatewayge6.7.3
advanced_secure_gatewaylt6.7.3.7
symantec_proxysgge6.7.4
symantec_proxysglt6.7.4.107
symantec_proxysgge6.7.3
symantec_proxysglt6.7.3.7

Name	Operator	Version
advanced_secure_gateway	ge	6.6
advanced_secure_gateway	lt	6.6.5.14
advanced_secure_gateway	ge	6.7.4
advanced_secure_gateway	lt	6.7.4.107
advanced_secure_gateway	ge	6.7.3
advanced_secure_gateway	lt	6.7.3.7
symantec_proxysg	ge	6.7.4
symantec_proxysg	lt	6.7.4.107
symantec_proxysg	ge	6.7.3
symantec_proxysg	lt	6.7.3.7