CVE-2022-25629

Summary

An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).

Affected Software

VendorProductVersion RangeStatus
n/aSymantec Messaging GatewayAll releases prior to SMG 10.8affected

Weaknesses

  • Stored XSS Vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References