Unrated severityNVD Advisory· Published Aug 8, 2012· Updated Apr 29, 2026

CVE-2012-2960

Description

Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file.

Affected products

HP/Arcsight Connector Appliance3 versions
cpe:2.3:h:hp:arcsight_connector_appliance:c1400:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:hp:arcsight_connector_appliance:c1400:*:*:*:*:*:*:*
- cpe:2.3:h:hp:arcsight_connector_appliance:c3400:*:*:*:*:*:*:*
- cpe:2.3:h:hp:arcsight_connector_appliance:c5400:*:*:*:*:*:*:*
HP/Arcsight Logger Appliance
cpe:2.3:h:hp:arcsight_logger_appliance:l7400-san:*:*:*:*:*:*:*
HP/Arcsight Connector Appliance Firmware2 versions
cpe:2.3:o:hp:arcsight_connector_appliance_firmware:6.0.0.60023.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:hp:arcsight_connector_appliance_firmware:6.0.0.60023.2:*:*:*:*:*:*:*
- cpe:2.3:o:hp:arcsight_connector_appliance_firmware:6.2.0.6244.0:*:*:*:*:*:*:*
HP/Arcsight Logger Appliance Firmware
cpe:2.3:o:hp:arcsight_logger_appliance_firmware:5.2.0.6288.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/960468nvdUS Government Resource
h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000