Intrusion Prevention

Arbor.Networks.Peakflow.SP.index.XSS

Description

This indicates an attack attempt against a Cross Site Scripting vulnerability in Peakflow SP.
The vulnerability is caused by an error when the vulnerable software handles malicious HTTP requests. It allows a remote attacker to execute arbitrary script via sending a crafted HTTP request.

Affected Products

Arbor Networks Peakflow SP 3.6.1
Arbor Networks Peakflow SP 0

Impact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

Recommended Actions

Upgrade to Peakflow SP releases 5.1.1 patch 6.

CVE References

CVE-2012-4685