VDB
CVE-2012-2960
CVE-2012-2960
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file.
EPSS 0.74% · 73.4th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.74%
73.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| hp | arcsight_logger_appliance | l7400-san |
| hp | arcsight_logger_appliance_firmware | 5.2.0.6288.0 |
| hp | arcsight_connector_appliance_firmware | 6.0.0.60023.2, 6.2.0.6244.0 |
| n/a | n/a | n/a |
| hp | arcsight_connector_appliance | c3400, c5400, * |
Timeline
- Aug 6, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- HPSBMU02836 vendor-advisory
- VU#960468 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2012-2960 advisory