The Latest in IT Security

Symantec Web Gateway 5.2 Susceptible to SQL Injection and XSS Attacks

18
Jun
2014

Security issues have been discovered in version 5.2 of Symantec Web Gateway (SWG) Appliance management console, which could lead to unauthorized privileged access to databases and hijacking of the user session. The SQL injection vulnerability was discovered in the hostname parameter of the clientreport.php page; and it was possible because of improper neutralization of special elements used in a SQL command. The exploitable XSS flaw, present because of improper neutralization of input during…

Comments are closed.

Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments