CVE-2013-4676

N/A

Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) custom-reports generation page, (2) Storage Devices creation page, or (3) jobs creation page in the management console; or (4) a Backup Exec server-management page in the beutility console.

N/A

N/A

Symantec Backup Exec 多个跨站脚本漏洞

Symantec Backup Exec是美国赛门铁克（Symantec）公司的一套业务备份解决方案。该解决方案为虚拟和物理环境提供数据保护和系统恢复功能。 Symantec Backup Exec 2012版本和Symantec Backup Exec 2010 R3版本中存在多个跨站脚本漏洞。远程攻击者可通过(1)custom-reports生成页面(2)Storage Devices创建页面或(3)管理控制台的作业创建页面或(4)Beutility管理控制的Backup Exec服务器管理页面，利用

N/A

N/A