CVE-2022-25630
MEDIUM
Symantec Messaging Gateway < 10.8 - Authenticated Stored Cross-Site Scripting in Admin Group Policy Page
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-25630. PoCs published by omurugur.
AI-analyzed exploit summary: This exploit demonstrates a stored XSS vulnerability in Symantec Messaging Gateway versions 10.7.4 to 10.7.13. An authenticated attacker can inject malicious JavaScript payloads into the admin group policy page, which execute when viewed by other users.
Description
An authenticated user can embed malicious content with XSS into the admin group policy page.
Exploits (1)
exploitdb
WORKING POC
by omurugur · text · webapps · multiple
https://www.exploit-db.com/exploits/51342
Classification
Working PoC 90%
Attack Type
XSS
Complexity
Trivial
Reliability
Reliable
Target:
Symantec Messaging Gateway 10.7.4-10.7.13
Auth required
Prerequisites:
Authenticated access to the admin interface
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
References (2)
Core References
Vendor Advisory
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21117
Exploit, Third Party Advisory
http://packetstormsecurity.com/files/171781/Symantec-Messaging-Gateway-10.7.4-Cross-Site-Scripting.html
Scores
CVSS v3
5.4
EPSS
0.0148
EPSS Percentile
70.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (1)
symantec/messaging_gateway
< 10.8
Published
Dec 09, 2022
Tracked Since
Feb 18, 2026