Vulnerability CVE-2012-3790

Vulnerability CVE-2012-3790

Published: 2012-06-20

Description:

	Topic	Author	Date
Low	Adiscan LogAnalyzer 3.4.3 Cross Site Scripting	Sooraj K.S SecPo...	22.06.2012

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Adiscon -> Loganalyzer

http://loganalyzer.adiscon.com/downloads/loganalyzer-v3-5-5-v3-beta

http://loganalyzer.adiscon.com/downloads/loganalyzer-3-4-4-v3-stable

http://secpod.org/blog/?p=504

http://secpod.org/advisories/SecPod_LogAnalyzer_XSS_Vuln.txt

http://loganalyzer.adiscon.com/security-advisories/loganalyzer-cross-site-scripting-vulnerability-in-highlight-parameter