Intrusion Prevention

Symantec.Messaging.Gateway.Management.Console.Cross.Site.Script

Description

This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Symantec Messaging Gateway Management.
The vulnerability is a result of the application's failure to properly sanitize user supplied data. As a result, a remote attacker may exploit this to execute arbitrary script codes within the context of the user's browser, via a crafted request.

Affected Products

Symantec Messaging Gateway prior to 10.5.2

Impact

System Compromise: Remote attackers can execute arbitrary script code in the context of the users' browser.

CVE References

CVE-2014-1648