CVE-2012-2563

Name of the Vulnerable Software and Affected Versions Bloxx Web Filtering versions prior to 5.0.14

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via web traffic examined within the Bloxx Reports component. Additionally, remote authenticated administrators can inject arbitrary web script or HTML via vectors involving administrative menu functions.

Recommendations For versions prior to 5.0.14, update to version 5.0.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the Bloxx Reports component and administrative menu functions to minimize the risk of exploitation.