CVE-2012-3848

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Scrutinizer
Vendor: CVE Published:; 31 July 2012

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer header to d4d/exporters.php, or (3) unspecified input to d4d/contextMenu.php.

References

https://www.trustwave.com/spiderlabs/advisories/TWSL2012-...

x_refsource_MISC

http://www.plixer.com/Press-Releases/plixer-releases-9-5-...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 31, 2012

Collectors

NVD DatabaseMitre Database