CVE-2018-12241

Name of the Vulnerable Software and Affected Versions Symantec Security Analytics (SA) versions prior to 7.3.4

Description The issue allows a remote attacker to craft a malicious URL for the SA web UI, targeting users with phishing attacks or social engineering techniques. A successful attack enables injecting malicious JavaScript code into the SA web UI client application.

Recommendations For Symantec Security Analytics (SA) versions prior to 7.3.4, update to version 7.3.4 or later to resolve the issue.