Name of the Vulnerable Software and Affected Versions: Kaspersky Security Center 10 (affected versions not specified)

Description: The issue exists due to inadequate protection of the web page structure in the web console. An attacker can exploit this to gain access to software functionality and execute arbitrary JavaScript code on the client-side using a specially crafted link sent to a user with an active Web Console session.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.