Cross-Site Scripting Vulnerabilities in Plixer Scrutinizer by Dell

CVE-2012-3848

Summary

Multiple cross-site scripting vulnerabilities exist in the web console of Plixer Scrutinizer that can be exploited by remote attackers. These vulnerabilities allow attackers to inject arbitrary web scripts or HTML into the application through various input vectors, including the query string and the HTTP Referer header sent to specific PHP files. The unpatched versions before 9.5.0 are particularly at risk, exposing systems to potential data theft, session hijacking, and further attacks. Users are advised to upgrade to the latest version to mitigate these issues.

References