VYPR
Medium severity6.1NVD Advisory· Published Jan 10, 2018· Updated Jun 17, 2026

CVE-2016-10256

CVE-2016-10256

Description

The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10257.

Affected products

2
  • Symantec/ProxySGllm-fuzzy
    Range: prior to 6.5.10.6, 6.6, and prior to 6.7.2.1
  • Symantec Corporation/ProxySGv5
    Range: 6.5 prior to 6.5.10.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.