InterScan Messaging Security Suite is vulnerable to multiple cross-site scripting vulnerabilities and a cross-site request forgery vulnerability. These could be used by an attacker to execute an arbitrary script in the context of a logged in user.
Trend Micro InterScan Messaging Security Suite Version 7.1-Build_Win32_1394
Cross-Site Request Forgery, Cross-Site Scripting
Attackers that successfully exploit this vulnerability will be able to execute scripts within the context of a currently logged in user. This could be used by attackers to perform unauthorized actions on behalf of target users.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 17182 - Trend Micro InterScan Messaging Multiple Vulnerabilities (Zero-Day)
- 17183 - Trend Micro InterScan Messaging Multiple Vulnerabilities (Zero-Day) - x64
No mitigation is currently available.