CVE-2012-2960: XSS
First published: Wed Aug 08 2012(Updated: )
Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Arcsight Connector Appliance Firmware | =6.0.0.60023.2 | |
| Hp Arcsight Connector Appliance Firmware | =6.2.0.6244.0 | |
| HP ArcSight Connector appliance | =c1400 | |
| HP ArcSight Connector appliance | =c3400 | |
| HP ArcSight Connector appliance | =c5400 | |
| Hp Arcsight Logger Appliance Firmware | =5.2.0.6288.0 | |
| Hp Arcsight Logger Appliance | =l7400-san |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/hp
- canonical/hp arcsight connector appliance firmware
- version/hp arcsight connector appliance firmware/6.0.0.60023.2
- version/hp arcsight connector appliance firmware/6.2.0.6244.0
- canonical/hp arcsight connector appliance
- version/hp arcsight connector appliance/c1400
- version/hp arcsight connector appliance/c3400
- version/hp arcsight connector appliance/c5400
- canonical/hp arcsight logger appliance firmware
- version/hp arcsight logger appliance firmware/5.2.0.6288.0
- canonical/hp arcsight logger appliance
- version/hp arcsight logger appliance/l7400-san