Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Symantec Web Gateway 5.2 susceptible to SQL injection and XSS attacks

Symantec Web Gateway 5.2 susceptible to SQL injection and XSS attacks

2014/06/18

Softpedia - (International) Symantec advised users of its Symantec Web Gateway product running version 5.2 of its appliance management console to update to the newest 5.2.1 build after a SQL injection and a cross-site scripting (XSS) vulnerability were found in 5.2. The vulnerabilities could enable unauthorized privileged access to databases and the hijacking of user sessions.

Source: http://news.softpedia.com/news/Symantec-Web-Gateway-5-2-Susceptible-to-SQL-Injection-and-XSS-Attacks-447241.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:20:37