CVE-2020-8603
MEDIUMTrend Micro InterScan Web Security Virtual Appliance 6.5 - XSS
Title source: llmDescription
A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-675/
Patch, Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000253095
Scores
CVSS v3
6.1
EPSS
0.0039
EPSS Percentile
60.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
trendmicro/interscan_web_security_virtual_appliance
6.5
Published
May 27, 2020
Tracked Since
Feb 18, 2026