Vulnerability Note VU#815532
ForeScout CounterACT reflected XSS vulnerability
The ForeScout CounterACT appliance contains reflected cross-site scripting (XSS) vulnerabilities.
The web interface of the ForeScout CounterACT appliance contains reflected XSS vulnerabilities (CWE-79). The following are a couple examples:
A remote attacker may, by luring a user into clicking a malicious URL, be able to disclose sensitive information, steal user cookies, or escalate privileges.
Apply an Update
Customers may obtain these patches automatically via the "Check For Updates" function or by logging into the ForeScout Customer Support Portal. (Login Required)
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|ForeScout||Affected||02 May 2012||07 Jun 2012|
CVSS Metrics (Learn More)
Thanks to Travis Lee for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2012-1825
- Date Public: 07 Jun 2012
- Date First Published: 08 Jun 2012
- Date Last Updated: 15 May 2013
- Document Revision: 23
If you have feedback, comments, or additional information about this vulnerability, please send us email.