CVE-2004-0192 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-0192

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.

Affected Software

Name	Vendor	Start Version	End Version
Gateway_security_5400	Symantec	2.0 (including)	2.0 (including)

References

http://marc.info/?l=bugtraq\u0026m=107790684732458\u0026w=2
http://www.securityfocus.com/bid/9755
https://exchange.xforce.ibmcloud.com/vulnerabilities/15330
http://marc.info/?l=bugtraq\u0026m=107790684732458\u0026w=2
http://www.securityfocus.com/bid/9755
https://exchange.xforce.ibmcloud.com/vulnerabilities/15330