CVE-2020-5838: XSS
First published: Wed May 13 2020(Updated: )
Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.
Credit: secure@symantec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec IT Analytics | <2.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-5838.
What is the severity rating of CVE-2020-5838?
CVE-2020-5838 has a severity rating of 4.8, which is considered medium.
What is cross-site scripting (XSS) exploit?
Cross-site scripting (XSS) exploit is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.
Which versions of Symantec IT Analytics are affected by CVE-2020-5838?
Symantec IT Analytics versions prior to 2.9.1 are affected by CVE-2020-5838.
How can I fix CVE-2020-5838?
To fix CVE-2020-5838, it is recommended to upgrade to Symantec IT Analytics version 2.9.1 or later.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- vendor/symantec
- canonical/symantec it analytics