CVE-2012-0932

Name of the Vulnerable Software and Affected Versions Lead Capture Page System (affected versions not specified)

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the message parameter in the "admin/login.php" endpoint.

Recommendations For all affected versions, consider restricting access to the "admin/login.php" endpoint until a fix is available. As a temporary workaround, avoid using the message parameter in the affected endpoint to minimize the risk of exploitation.