Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2) nav or (3) menuitem parameter to IMManager/Admin/IMAdminTOC_simple.asp, or the (4) action parameter to IMManager/Admin/IMAdminEdituser.asp.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-10-02T01:00:00
Updated: 2013-02-07T10:00:00
Reserved: 2011-01-20T00:00:00
Link: CVE-2011-0552
JSON object: View
NVD Information
Status : Modified
Published: 2011-10-02T02:53:33.617
Modified: 2013-02-07T04:41:05.077
Link: CVE-2011-0552
JSON object: View
Redhat Information
No data.
CWE