Scrutinizer < 9.5.2 exporters.php XSS

The remote host is running a version of Scrutinizer that is affected by a cross-site scripting vulnerability in the 'd4d/exporters.php' web console script. The application does not properly sanitize the HTTP Referrer field or URL parameters. A remote attacker could exploit this by tricking a user...

CVE-2012-3848

Multiple cross-site scripting XSS vulnerabilities in the web console in Plixer Scrutinizer aka Dell SonicWALL Scrutinizer before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to d4d/exporters.php, 2 the HTTP Referer header to d4d/exporters.php, or 3...

CVE-2012-3848

Multiple cross-site scripting XSS vulnerabilities in the web console in Plixer Scrutinizer aka Dell SonicWALL Scrutinizer before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to d4d/exporters.php, 2 the HTTP Referer header to d4d/exporters.php, or 3...

CVE-2012-3848

CVE-2012-3848 affects Plixer Scrutinizer (Dell SonicWALL Scrutinizer) prior to 9.5.0. The vulnerability class is Cross-Site Scripting (XSS) in the web console, exploitable via the d4d/exporters.php (query string and Referer header) and d4d/contextMenu.php inputs, allowing remote attackers to inje...