CVE-2015-3447

Dell SonicWall SonicOS <7.5.0.12, <=6.x - XSS

Title source: llm
STIX 2.1

Description

Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter.

References (5)

Core 5
Core References
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Apr/97
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535393/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74406
Exploit, Third Party Advisory x_refsource_misc
http://www.vulnerability-lab.com/get_content.php?id=1359
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032204

Scores

EPSS 0.0074
EPSS Percentile 73.1%

Details

CWE
CWE-79
Status published
Products (2)
sonicwall/sonicos 7.5.0.12
sonicwall/sonicos 6.0.0.0 - 6.2.2.0
Published Apr 29, 2015
Tracked Since Feb 18, 2026