CVE-2012-3848 in Sonicwall Scrutinizer With Flow Analytics Moduleinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer header to d4d/exporters.php, or (3) unspecified input to d4d/contextMenu.php.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

07/06/2012

Disclosure

07/31/2012

Moderation

VulDB entry created

Entries

VDB-61455 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

Exploit

Download

CVSS

4.3

EPSS

0.00656

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3848
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3848
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3848/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!