CVE-2012-4938

Pattern Insight 2.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message.

References (4)

[US Government Resource] http://www.kb.cert.org/vuls/id/802596

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/79786

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/56381

[Third Party Advisory] http://secunia.com/advisories/51203

Scores

EPSS 0.0132

EPSS Percentile 79.7%

Details

CWE

CWE-79

Status published

Products (2)

patterninsight/pattern_insight

n/a/n/a

Published Nov 18, 2012

Tracked Since Feb 18, 2026