Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the username field, as demonstrated by injecting an IFRAME element into the event log, a different vulnerability than CVE-2011-0545.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-03-28T18:00:00
Updated: 2018-10-09T18:57:01
Reserved: 2011-03-28T00:00:00
Link: CVE-2011-1524
JSON object: View
NVD Information
Status : Modified
Published: 2011-03-28T18:55:00.950
Modified: 2018-10-09T19:31:07.740
Link: CVE-2011-1524
JSON object: View
Redhat Information
No data.
CWE