CVE-2014-1652 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.

Reference

http://www.kb.cert.org/vuls/id/719172 http://www.securityfocus.com/bid/67755 http://www.securitytracker.com/id/1030443 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit20y_advisory&pvid=security_advisory&year=&suid=20140616_00 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00