XSS in Alienvault Open_source_security_information_management
CVE-2012-3835
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to top.php or (2) time[0][0]…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.169 (95.1th percentile) — read the EPSS interpretation.
Affected products
- Alienvault Open_source_security_information_management — versions 3.1
- N/a — versions n/a
Weakness classification (CWE)
References
- 53331 (Exploit, vdb-entry, x_refsource_BID)
- 18800 (Exploit, exploit, x_refsource_EXPLOIT-DB)
- 49005 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- cve@mitre.org (Exploit, x_refsource_MISC)
- cve@mitre.org (Exploit, x_refsource_MISC)
- alienvault-multiple-xss(75297) (vdb-entry, x_refsource_XF)