Lucene search
SymantecCVELIST:CVE-2014-9224HistoryJan 21, 2015 - 11:00 a.m.
CVE-2014-9224
2015-01-2111:00:00
symantec
www.cve.org
4
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
packetstormsecurity.com/files/130060/Symantec-SDCS-SA-SCSP-XSS-Bypass-SQL-Injection-Disclosure.html
seclists.org/fulldisclosure/2015/Jan/91
www.securityfocus.com/archive/1/534527/100/0/threaded
www.securityfocus.com/bid/72093
www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150119_00
Related
nvd
nvd
CVE-2014-9224
2015-01-21 15:17:05
prion
prion
Cross site scripting
2015-01-21 15:17:00
nessus
nessus
cve
cve
CVE-2014-9224
2015-01-21 15:17:05
exploitpack
exploitpack
Symantec Data Center Security - Multiple Vulnerabilities
2015-01-26 00:00:00
securityvulns
securityvulns
zdt
zdt
Symantec Data Center Security - Multiple Vulnerabilities
2015-01-22 00:00:00
packetstorm
packetstorm
Symantec SDCS:SA / SCSP XSS / Bypass / SQL Injection / Disclosure
2015-01-22 00:00:00
exploitdb
exploitdb
Symantec Data Center Security - Multiple Vulnerabilities
2015-01-26 00:00:00
symantec
symantec