CVE-2009-3029 Information
Feb 14, 2021
cve
Description
Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via \external client input\ that triggers crafted error messages.
Reference
http://secunia.com/advisories/36972 http://securitytracker.com/id?1022989 http://www.osvdb.org/58651 http://www.securityfocus.com/bid/36570 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091006_00 http://www.vupen.com/english/advisories/2009/2849
Share on: