Symantec DLP XSS injection vulnerability

Summary

Symantec DLP is a data security software that monitors and protects confidential data.

Symantec DLP has an XSS injection vulnerability because it cannot properly purge user-supplied input.This could allow an attacker to steal cookie-based authentication credentials and launch other attacks.


Solution

At present, the manufacturer does not provide the repair plan, please pay attention to the manufacturer's home page:

https://www.symantec.com/zh/cn