2 matches found
CVE-2009-3029
CVE-2009-3029 (and related CVE-2009-3030) affects Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and earlier. The vulnerability is a cross-site scripting issue in the console, where external client input is not properly sanitized and some error messages are not encoded, enab...
Symantec SecurityExpressions Audit and Compliance Server Multiple XSS
Symantec SecurityExpressions Audit and Compliance Server is installed on the remote host. The installed version is affected by multiple cross-site scripting vulnerabilities. - The web console fails to sanitize user-supplied input to certain unspecified parameters. An authorized user may be able t...