5 matches found
CVE-2022-25630
An authenticated user can embed malicious content with XSS into the admin group policy page...
Symantec Messaging Gateway 10.7.4 Cross Site Scripting
Exploit Title: Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://support.broadcom.com/external/content/SecurityAdvisories/0/21117 Version: 10.7.4-10.7.13 Tested on: relevant os CVE : CVE-2022-25630 Author Web:...
Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://support.broadcom.com/external/content/SecurityAdvisories/0/21117 Version: 10.7.4-10.7.13 Tested on: relevant os CVE : CVE-2022-25630 Author Web:...
Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://support.broadcom.com/external/content/SecurityAdvisories/0/21117 Version: 10.7.4-10.7.13 Tested on: relevant os CVE : CVE-2022-25630 Author Web:...
CVE-2022-25630
Broadcom Symantec Messaging Gateway is affected by CVE-2022-25630, a stored XSS vulnerability exploitable by an authenticated user on the admin group policy page. Public details describe an authenticated user injecting payloads via the AdminGroupPolicyFlow$save.flo endpoint, with the issue enabli...