CVE-2011-0552 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp the (2) nav or (3) menuitem parameter to IMManager/Admin/IMAdminTOC_simple.asp or the (4) action parameter to IMManager/Admin/IMAdminEdituser.asp.

Reference

http://secunia.com/advisories/43157 http://securitytracker.com/id?1026130 http://www.securityfocus.com/bid/49739 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00

Share on: