Security Advisory

CVE-2021-30650

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-18 17:50:58

Last updated 2024-08-03 22:40:31

Assigner symantec

State PUBLISHED

Description

A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious code into the OTK web UI client application.

← Browse all CVEs View on cve.org ↗