CVE-2017-13678

Summary

Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationAdvanced Secure Gateway (ASG)6.6 prior to 6.6.5.14affected
Symantec CorporationAdvanced Secure Gateway (ASG)6.7 prior to 6.7.4.107affected
Symantec CorporationProxySG6.5 prior to 6.5.10.8affected
Symantec CorporationProxySG6.6 prior to 6.6.5.14affected
Symantec CorporationProxySG6.7 prior to 6.7.4.107affected

Weaknesses

  • Stored XSS

ADP Enrichment

CVE Program Container

Additional References

References