CVE-2014-3922
Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.15...
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030318
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58491
Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/126847/InterScan-Messaging-Security-Virtual-Appliance-8.5.1.1516-Cross-Site-Scripting.html
Exploit, Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/May/164
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67726
Exploit x_refsource_misc
https://vimeo.com/96757096
Scores
EPSS
0.0114
EPSS Percentile
78.6%
Details
CWE
CWE-79
Status
published
Products (1)
trendmicro/interscan_messaging_security_virtual_appliance
8.5.1.1516
Published
May 30, 2014
Tracked Since
Feb 18, 2026