Symantec Endpoint Protection Manager Cross-Site Scripting (CVE-2016-3652)

A cross-site-scripting vulnerability has been reported in the Symantec Endpoint Protection Manager. The vulnerability is due to insufficient input validation on user-supplied input. A remote attacker could exploit this vulnerability by enticing authenticated users to click on a crafted link...

CVE-2016-3652

Multiple cross-site scripting XSS vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-3652

CVE-2016-3652 affects Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. Multiple cross-site scripting (XSS) vulnerabilities exist in management scripts, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. The issue arises from insuffi...

Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities

Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product:...

CVE-2016-3652

creationtimestamp| type| source ---|---|--- 2016-06-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40041...

Symantec Endpoint Protection Multiple Security Issues

SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...