Microsoft · System Center Configuration Manager · CVE-2012-2536
**Name of the Vulnerable Software and Affected Versions**
Microsoft Systems Management Server version 2003 SP3
System Center Configuration Manager version 2007 SP2
**Description**
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This is referred to as a "Reflected XSS" issue.
**Recommendations**
For Microsoft Systems Management Server 2003 SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For System Center Configuration Manager 2007 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.