CVE-2012-5175

KENT-WEB ACCESS REPORT <4.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data.

References (3)

[Various Sources] http://www.kent-web.com/data/report.html

[Third Party Advisory] http://jvn.jp/en/jp/JVN68830017/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2012-000106

Scores

EPSS 0.0025

EPSS Percentile 48.5%

Details

CWE

CWE-79

Status published

Products (2)

kent-web/access_report < 4.2

n/a/n/a

Published Dec 06, 2012

Tracked Since Feb 18, 2026