XSS in Symantec Brightmail_gateway

CVE-2013-1611

Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified ve…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.008 (53.1th percentile) — read the EPSS interpretation.

Affected products

Symantec Brightmail_gateway — versions 9.5, 9.5.1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

secure@symantec.com (x_refsource_CONFIRM, Vendor Advisory)
secure@symantec.com (vdb-entry, x_refsource_BID)