CVE-2004-0192
Symantec Gateway Security 2.0 - Stored Cross-Site Scripting via /sgmi URL Error Page
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0192. PoCs published by Soby.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Symantec Gateway Security's web management console. The issue arises from improper sanitization of user-supplied input, allowing script injection via crafted URIs.
Description
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in Symantec Gateway Security's web management console. The issue arises from improper sanitization of user-supplied input, allowing script injection via crafted URIs.