CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 3CVE-2011-5178
https://notcve.org/view.php?id=CVE-2011-5178
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en netmri/config/userAdmin/login.tdf en Infoblox NetMRI v6.0.2.42, v6.1.2, v6.2.1 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de los parámetros (1) eulaAccepted o (2) mode. • http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss http://seclists.org/fulldisclosure/2011/Nov/158 http://secunia.com/advisories/46854 http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg http://www.securitytracker.com/id?1026319 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •