Filtered by vendor Symantec
Subscriptions
Filtered by product Messaging Gateway
Subscriptions
Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-18379 | 1 Symantec | 1 Messaging Gateway | 2024-08-05 | 7.3 High |
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | ||||
CVE-2019-18378 | 1 Symantec | 1 Messaging Gateway | 2024-08-05 | 4.8 Medium |
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | ||||
CVE-2019-9699 | 1 Symantec | 1 Messaging Gateway | 2024-08-04 | 4.5 Medium |
Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | ||||
CVE-2022-25629 | 1 Symantec | 1 Messaging Gateway | 2024-08-03 | 5.4 Medium |
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column). | ||||
CVE-2022-25630 | 1 Symantec | 1 Messaging Gateway | 2024-08-03 | 5.4 Medium |
An authenticated user can embed malicious content with XSS into the admin group policy page. |