XSS in Cogentdatahub Cascade_datahub
CVE-2012-0309
Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.005 (66.5th percentile) — read the EPSS interpretation.
Affected products
- Cogentdatahub Cascade_datahub
- Cogentdatahub Cogent_datahub — versions 7.0, 7.0.2, 7.1.0
- Cogentdatahub Opc_datahub
- N/a — versions n/a
Weakness classification (CWE)
References
- JVNDB-2012-000001 (x_refsource_JVNDB, third-party-advisory)
- 51375 (vdb-entry, x_refsource_BID)
- vultures@jpcert.or.jp (x_refsource_CONFIRM)
- vultures@jpcert.or.jp (x_refsource_MISC)
- 47525 (x_refsource_SECUNIA, third-party-advisory)
- cogentdatahub-unspecified-xss(72305) (vdb-entry, x_refsource_XF)
- JVN#12983784 (x_refsource_JVN, third-party-advisory)
- 47496 (x_refsource_SECUNIA, third-party-advisory)