CVE-2016-10256
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10257.
La consola de gestión de Symantec ProxySG 6.5 (en versiones anteriores a la 6.5.10.6), 6.6 y 6.7 (en versiones anteriores a la 6.7.2.1) es susceptible de contener una vulnerabilidad de XSS reflejado. Un atacante remoto puede emplear una URL de la consola de gestión manipulada en un ataque de phishing para inyectar código JavaScript arbitrario en la aplicación del cliente web de la consola de gestión. Esta vulnerabilidad es diferente de CVE-2016-10257.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-23 CVE Reserved
- 2018-01-10 CVE Published
- 2023-06-02 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/102451 | Third Party Advisory | |
| http://www.securitytracker.com/id/1040138 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.symantec.com/security-center/network-protection-security-advisories/SA155 | 2021-06-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg" | >= 6.5 < 6.5.10.6 Search vendor "Broadcom" for product "Symantec Proxysg" and version " >= 6.5 < 6.5.10.6" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg" | >= 6.7 < 6.7.2.1 Search vendor "Broadcom" for product "Symantec Proxysg" and version " >= 6.7 < 6.7.2.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Symantec Proxysg Search vendor "Broadcom" for product "Symantec Proxysg" | 6.6 Search vendor "Broadcom" for product "Symantec Proxysg" and version "6.6" | - |
Affected
| ||||||