Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Gateway Security错误页跨站脚本漏洞
Vulnerability Description
Symantec Gateway Security 5400 系列是Symantec开发的防火墙设备。 Symantec Gateway Security的管理控制服务平台在生成错误页面时缺少充分的数据过滤,远程攻击者可以利用这个漏洞获得管理员敏感信息,如COOKIE信息。 问题存在于Symantec Gateway Security基于WEB的管理服务中,当客户端提交URL请求由Symantec Gateway Security服务对象处理时,如果处理的URL不存在,如请求/sgmi目录中的任意对象,会
CVSS Information
N/A
Vulnerability Type
N/A