Symantec IT Analytics prior to 2.9.1 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit.

Credit:

The information has been provided by Albert Sanchez

The original article can be found at:https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1766


Details

Which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.

 

Vulnerable Systems:

Symantec IT Analytics prior to 2.9.1

 

CVE Information:

CVE-2020-5838

 

Disclosure Timeline:
Published Date:5/13/2020

Categories: FeaturedNews