JVNVU#95732401: Trend Micro Mobile Security vulnerable to cross-site scripting

Overview

Trend Micro Incorporated has released a security update for Trend Micro Mobile Security.

Products Affected

Mobile Security (Enterprise) 9.8

Description

Trend Micro Incorporated has released a security update for Trend Micro Mobile Security.

Impact

A cross-site scripting attack may be conducted if a user who is logged in to the product's management console accesses a link that contains a malicious script.
For more information, refer to the information provided by the developer.

Solution

Apply the Patch
Apply the patch according to the information provided by the developer.
The developer has released a patch below that contains a fix for this vulnerability.

Mobile Security (Enterprise) 9.8 SP5 CP6 (b3311)

Vendor Status

Vendor	Link
Trend Micro Incorporated	SECURITY BULLETIN: Trend Micro Mobile Security (Enterprise) Reflected Cross Site-Scripting Vulnerabilities

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia

JVNVU#95732401 Trend Micro Mobile Security vulnerable to cross-site scripting