CVE-2012-3835

Multiple cross-site scripting XSS vulnerabilities in AlienVault Open Source Security Information Management OSSIM 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to top.php or 2 time00 parameter to forensics/baseqrymain.php, which is not properly handled ...