Unrated severityNVD Advisory· Published Aug 15, 2011· Updated Jun 16, 2026
CVE-2011-0550
CVE-2011-0550
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request.
Affected products
6cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*
- (no CPE)range: >=11.0.6000, <=11.0.6300
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.