← back
CVE-2019-9701

CVE-2019-9701

EPSS 1.8%
DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
Affected products
n/a · Data Loss Prevention
public PoCs found2
cve_referencepacketstormsecurity.com/files/153512/Symantec-DLP-15.5-MP1-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47071unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/153512/Symantec-DLP-15.5-MP1-Cross-Site-Scripting.htmlhttps://support.symantec.com/us/en/article.SYMSA1484.html