Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x before 10.5.2 allows remote attackers to inject arbitrary web script or HTML via the displayTab parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Messaging Gateway 跨站脚本漏洞
Vulnerability Description
Symantec Messaging Gateway是美国赛门铁克(Symantec)公司的一款集反垃圾邮件、防病毒、高级内容过滤和数据泄露防护技术于一体的垃圾邮件过滤器。 Symantec Messaging Gateway 10.0至10.5.1版本的管理控制台中的brightmail/setting/compliance/DlpConnectFlow$view.flo文件存在跨站脚本漏洞。远程攻击者可借助‘displayTab’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A