Symantec IT Analytics prior to 2.9.1 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability


Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit.


The information has been provided by Albert Sanchez

The original article can be found at:


Which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.


Vulnerable Systems:

Symantec IT Analytics prior to 2.9.1


CVE Information:



Disclosure Timeline:
Published Date:5/13/2020

Categories: FeaturedNews