This exploit demonstrates a cross-site scripting (XSS) vulnerability in Symantec Web Gateway 5.0 due to improper sanitization of the file length parameter (l=). The vulnerability allows arbitrary JavaScript execution via crafted input in the URL.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Symantec Web Gateway 5.0
No auth needed
Prerequisites:Access to the Symantec Web Gateway interface