CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-1825

Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass action or (2) the username parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.kb.cert.org/vuls/id/815532
http://www.kb.cert.org/vuls/id/MAPG-8TWMEJ
http://www.kb.cert.org/vuls/id/815532
http://www.kb.cert.org/vuls/id/MAPG-8TWMEJ

Products affected by CVE-2012-1825

Forescout » Counteract » Version: 6.3.3.2

cpe:2.3:a:forescout:counteract:6.3.3.2
Forescout » Counteract » Version: 6.3.4.10

cpe:2.3:a:forescout:counteract:6.3.4.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1825

Products

Pricing

Contact Us