CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
79.6%
Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.
Vendor | Product | Version | CPE |
---|---|---|---|
arbornetworks | peakflow_sp | 5.1.1 | cpe:2.3:a:arbornetworks:peakflow_sp:5.1.1:*:*:*:*:*:*:* |
arbornetworks | peakflow_sp | 5.5 | cpe:2.3:a:arbornetworks:peakflow_sp:5.5:*:*:*:*:*:*:* |
arbornetworks | peakflow_sp | 5.6.0 | cpe:2.3:a:arbornetworks:peakflow_sp:5.6.0:*:*:*:*:*:*:* |