CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6549
https://notcve.org/view.php?id=CVE-2015-6549
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la consola de una aplicación en el servidor de Symantec NetBackup OpsCenter en versiones anteriores a 7.7.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/76896 http://www.securitytracker.com/id/1033726 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151001_00 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1483
https://notcve.org/view.php?id=CVE-2015-1483
Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX allows remote attackers to execute arbitrary JavaScript code via unspecified vectors. Symantec NetBackup OpsCenter 7.6.0.2 hasta 7.6.1 en Linux y UNIX permite a atacantes remotos ejecutar código JavaScript arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/72737 http://www.securitytracker.com/id/1031831 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150302_00 • CWE-20: Improper Input Validation •