CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2995

Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or (2) the src parameter to initUpdSchPage.imss.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.322

EPSS Ranking 96.5%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/50620
http://www.kb.cert.org/vuls/id/471364
http://www.securitytracker.com/id?1027544
http://secunia.com/advisories/50620
http://www.kb.cert.org/vuls/id/471364
http://www.securitytracker.com/id?1027544

Products affected by CVE-2012-2995

Trendmicro » Interscan Messaging Security Suite » Version: 7.1

cpe:2.3:a:trendmicro:interscan_messaging_security_suite:7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2995

Products

Pricing

Contact Us