CVE-2016-6588

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.5%

top 35.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec IT Management Suite

Timeline

PublishedJan 8

Latest updateMay 24

Description

A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5symantec/it_management_suitebefore 8.0 HF4

▶NVDsymantec/it_management_suite8.0

🔴Vulnerability Details

GHSA

GHSA-4h9h-37ch-jq2m: A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8↗2022-05-24

▶

CVEList

CVE-2016-6588: A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8↗2020-01-08

▶