← back
CVE-2014-3922

CVE-2014-3922

EPSS 2.1%
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/126847/InterScan-Messaging-Security-Virtual-Appliance-8.5.1.1516-Cross-Site-Scripting.htmlhttp://seclists.org/fulldisclosure/2014/May/164http://secunia.com/advisories/58491https://vimeo.com/96757096http://www.securityfocus.com/bid/67726http://www.securitytracker.com/id/1030318