← CVECheck
HomeVulnerabilities

CVE-2004-0192 — MEDIUM severity vulnerability (Cross-site scripting (XSS) vulnerability in the Management S)

Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.

CVE IDCVE-2004-0192
SeverityMEDIUM
CVSS score6.8
CVSS vectorAV:N/AC:M/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-03-15
Last modified2026-04-16
DescriptionCross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →