CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 1CVE-2009-3036
https://notcve.org/view.php?id=CVE-2009-3036
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la consola en Symantec IM Manager v8.3 y v8.4 anteriores a v8.4.13 permite a atacantes remotos inyectar secuencias arbitrarias de comandos web o HTML a través de vectores sin especificar. • https://github.com/brinhosa/CVE-2009-3036 http://osvdb.org/62446 http://secunia.com/advisories/38672 http://www.securityfocus.com/bid/38241 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100218_00 http://www.vupen.com/english/advisories/2010/0438 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •