The management GUI in Symantec Web Gateway 5.0.x prior to 5.0.3 does not properly restrict access to application scripts, which allows remote malicious users to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec web gateway 5.0.1 |
||
symantec web gateway 5.0 |
||
symantec web gateway 5.0.2 |