exploitDog

CVE-2012-2563

Опубликовано: 09 июн. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filtering before 5.0.14 allow (1) remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the Bloxx Reports component, and allow (2) remote authenticated administrators to inject arbitrary web script or HTML via vectors involving administrative menu functions.

Ссылки

http://www.kb.cert.org/vuls/id/722963
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY
http://www.securityfocus.com/bid/53715
http://www.kb.cert.org/vuls/id/722963
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY
http://www.securityfocus.com/bid/53715

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bloxx:web_filtering:*:*:*:*:*:*:*:*

Версия до 5.0.13 (включая)

EPSS

Процентиль: 81%

0.0155

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-8gq4-c5hv-w395

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filtering before 5.0.14 allow (1) remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the Bloxx Reports component, and allow (2) remote authenticated administrators to inject arbitrary web script or HTML via vectors involving administrative menu functions.

EPSS

Процентиль: 81%

0.0155

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79