Vulnerability Details CVE-2009-0063
Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/53944
- http://secunia.com/advisories/34885
- http://securitytracker.com/id?1022116
- http://www.securityfocus.com/bid/34641
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090423_01
- http://www.vupen.com/english/advisories/2009/1155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50074
- http://osvdb.org/53944
- http://secunia.com/advisories/34885
- http://securitytracker.com/id?1022116
- http://www.securityfocus.com/bid/34641
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090423_01
- http://www.vupen.com/english/advisories/2009/1155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50074
Products affected by CVE-2009-0063
-
cpe:2.3:h:symantec:brightmail_gateway_appliance:*
-
cpe:2.3:h:symantec:brightmail_gateway_appliance:7.5
-
cpe:2.3:h:symantec:brightmail_gateway_appliance:7.6
-
cpe:2.3:h:symantec:brightmail_gateway_appliance:7.7