CVE-2012-2960

CVE-2012-2960 affects HP ArcSight Connector Appliance 6.2.0.6244.0 and ArcSight Logger 5.2.0.6288.0, with a cross-site scripting (XSS) flaw in the file import feature that allows a crafted file to execute arbitrary script in the web GUI. CERT/HP notes remote disclosure of information, and possibl...

HP Arcsight Logger and Connector appliances cross-site scripting vulnerability

Overview HP's Arcsight Connector appliance v6.2.0.6244.0 and Arcsight Logger appliance v5.2.0.6288.0 and possibly other versions contain a file import facility which is vulnerable to cross-site scripting XSS. Description The supplied facility for importing host data from a file System Admin Tab |...