XSS in Symantec Messaging_gateway
CVE-2012-0307
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.006 (70.2th percentile) — read the EPSS interpretation.
Affected products
- Symantec Messaging_gateway — versions 9.5, 9.5.1, 9.5.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- 55138 (vdb-entry, x_refsource_BID)
- symantec-gateway-unspec-xss(78031) (vdb-entry, x_refsource_XF)