CVE-2012-2662

medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/77101

http://www.securitytracker.com/id?1027284

http://www.securityfocus.com/bid/54608

http://secunia.com/advisories/50013

http://rhn.redhat.com/errata/RHSA-2015-1347.html

http://rhn.redhat.com/errata/RHSA-2012-1103.html

http://osvdb.org/84099

Details

Source: Mitre, NVD

Published: 2012-08-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium