Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4950

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4950
Last Modified 17 Aug 2013 02:49:53
Published 18 Nov 2012 04:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4950

Summary

Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages.

Vulnerable Systems

Application

  • Patterninsight Pattern Insight 2.3


References

CERT-VN - VU#802596

XF - pattern-insight-keyword-search-xss(79787)

BID - 56381

SECUNIA - 51203

OSVDB - 87053


Last Updated: 27 May 2016 10:47:22