CVE-2012-2446

Netsweeper - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in tools/local_lookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action.

References (2)

[Exploit] http://infosec42.blogspot.com/2012/07/cve-2012-2446-cve-2012-2447-cve-2012.html

[US Government Resource] http://www.kb.cert.org/vuls/id/763795

Scores

EPSS 0.0029

EPSS Percentile 52.5%

Classification

CWE

CWE-79

Status published

Affected Products (2)

netsweeper/netsweeper

n/a/n/a

Timeline

Published Jul 09, 2012

Tracked Since Feb 18, 2026