Lucene search
SymantecCVELIST:CVE-2016-10257HistoryJan 10, 2018 - 2:00 a.m.
CVE-2016-10257
2018-01-1002:00:00
symantec
www.cve.org
3
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10256.
CNA Affected
[
{
"product": "ASG",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7 prior to 6.7.2.1"
}
]
},
{
"product": "ProxySG",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "6.5 prior to 6.5.10.6"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7 prior to 6.7.2.1"
}
]
}
]Related
cvelist
cvelist
CVE-2016-10256
2018-01-10 02:00:00
nvd
nvd
CVE-2016-10256
2018-01-10 02:29:31
CVE-2016-10257
2018-01-10 02:29:31
prion
prion
Cross site scripting
2018-01-10 02:29:00
Cross site scripting
2018-01-10 02:29:00
cve
cve
CVE-2016-10257
2018-01-10 02:29:31
CVE-2016-10256
2018-01-10 02:29:31
symantec
symantec
SA155: Multiple ASG and ProxySG Vulnerabilities
2018-01-09 08:00:00
nessus
nessus