CVE-2012-2274

PivotX (2.3.2 and earlier) contains a cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php where the file parameter is not properly sanitized. Exploitation allows remote attackers to inject arbitrary HTML/JS, potentially affecting administrator sessions. Evidence from multiple source...

FreeBSD Ports: pivotx

The remote host is missing an update to the system as announced in the referenced advisory. VID 0d3547ab-9b69-11e1-bdb1-525401003090 OpenVAS Vulnerability Test $ Description: Auto generated from VID 0d3547ab-9b69-11e1-bdb1-525401003090 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: pivotx

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Cross-Site Scripting (XSS) in Pivotx

Advisory ID: HTB23087 Product: Pivotx Vendor: pivotx.net Vulnerable Versions: 2.3.2 and probably prior Tested Version: 2.3.2 Vendor Notification: 18 April 2012 Vendor Patch: 18 April 2012 Public Disclosure: 9 May 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-2274...