Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter.
References
Link | Resource |
---|---|
http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html | Exploit Third Party Advisory |
http://www.exploit-db.com/exploits/18750 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/52989 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/74827 | Third Party Advisory VDB Entry |
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-09T19:47:53
Updated: 2020-01-09T19:47:53
Reserved: 2012-02-22T00:00:00
Link: CVE-2012-1261
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-09T20:15:10.083
Modified: 2020-01-14T16:16:48.703
Link: CVE-2012-1261
JSON object: View
Redhat Information
No data.
CWE