QwikSec

Security Database

CVE

CWE

Training

CVE-2012-4970

Published: Jan 1, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

20121226 Polycom HDX Video End Points Web Management Cross Site Scripting (XSS) vulnerability

mailing-list

x_refsource_BUGTRAQ

http://knowledgebase-iframe.polycom.com/kb/knowledgebase/End%20User/Tech%20Alerts/Video/15990_fHDX%20XSS%20Vulnerability%20-%20Security%20Bulletin%20101521.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.