Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/709939 | US Government Resource |
https://na3.salesforce.com/sfc/#version?selectedDocumentId=06950000000IyBX | |
http://www.kb.cert.org/vuls/id/MAPG-8TJKAF | US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2012-06-13 08:55
Updated : 2012-06-13 08:55
NVD link : CVE-2012-2604
Mitre link : CVE-2012-2604
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
bradfordnetworks
- network_sentry_appliance
- network_sentry_appliance_software