Name of the Vulnerable Software and Affected Versions Dr.Web Enterprise Security Suite (affected versions not specified)

Description The issue exists due to a lack of protection for the web page structure in the "Security Center" component. This could allow a remote attacker to execute arbitrary HTML code in the user's browser by placing it in the username field on the "Administration->Administrators" tab.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.