Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gateway_security_5400 | Symantec | 2.0 (including) | 2.0 (including) |