CVE-2012-1261
MEDIUMPlixer Scrutinizer Netflow & Sflow Analyzer < 8.6.2.16204 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Trustwave's SpiderLabs · textwebappsmultiple
https://www.exploit-db.com/exploits/18750
References (5)
Core 5
Core References
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://www.exploit-db.com/exploits/18750
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/52989
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/74827
Third Party Advisory x_refsource_misc
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/
Scores
CVSS v3
6.1
EPSS
0.0558
EPSS Percentile
90.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
plixer/scrutinizer_netflow_\&_sflow_analyzer
< 8.6.2.16204
Published
Jan 09, 2020
Tracked Since
Feb 18, 2026