CVE-2014-3432

2014-06-2714:00:00

symantec

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.71

Percentile

98.1%

JSON

Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.

References

secunia.com/advisories/59538

secunia.com/advisories/59561

www.securityfocus.com/bid/68160

www.securitytracker.com/id/1030472

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140625_00