CVE-2024-38493
15.07.2024, 14:15
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
Vendor | Product | Version |
---|---|---|
broadcom | symantec_privileged_access_management | 4.1.0 ≤ 𝑥 ≤ 4.1.7 |
𝑥
= Vulnerable software versions