CVE-2012-3790

Name of the Vulnerable Software and Affected Versions Adiscon LogAnalyzer versions prior to 3.4.4 Adiscon LogAnalyzer versions 3.5.x prior to 3.5.5

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a "Search" action.

Recommendations For Adiscon LogAnalyzer versions prior to 3.4.4, update to version 3.4.4 or later. For Adiscon LogAnalyzer versions 3.5.x prior to 3.5.5, update to version 3.5.5 or later.