Description
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100218_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/62446
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0438
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38672
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38241
Scores
EPSS
0.0075
EPSS Percentile
73.4%
Details
CWE
CWE-79
Status
published
Products (2)
symantec/im_manager
8.3
symantec/im_manager
8.4
Published
Feb 23, 2010
Tracked Since
Feb 18, 2026