Cross-Site Scripting (XSS) Vulnerabilities in ForeScout CounterACT Appliance Status Program

Cross-Site Scripting (XSS) Vulnerabilities in ForeScout CounterACT Appliance Status Program

CVE-2012-1825 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass action or (2) the username parameter.

Learn more about our Web App Pen Testing.