CVE-2012-4955

Dell OpenManage Server Administrator < 6.5.0 - Cross-Site Scripting

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (8)

Core 8

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/87405

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/51297

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/80071

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/558132

Patch x_refsource_confirm

http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=PCXMR&osCode=WNET&fileId=3082295344

Patch x_refsource_confirm

http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=JJMWP&osCode=WNET&fileId=3082295338

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/56518

Patch x_refsource_confirm

http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=5JDN0&osCode=WNET&fileId=3082293694

Scores

EPSS 0.0064

EPSS Percentile 70.7%

Details

CWE

CWE-79

Status published

Products (18)

dell/openmanage_server_administrator 1.00.0000

dell/openmanage_server_administrator 4.3.0

dell/openmanage_server_administrator 4.4.0

dell/openmanage_server_administrator 4.5.0

dell/openmanage_server_administrator 5.0.0

dell/openmanage_server_administrator 5.1.0

dell/openmanage_server_administrator 5.1.0.1

dell/openmanage_server_administrator 5.2.0

dell/openmanage_server_administrator 5.3.0

dell/openmanage_server_administrator 5.4.0

... and 8 more

Published Nov 15, 2012

Tracked Since Feb 18, 2026