Unrated severityNVD Advisory· Published Jul 9, 2012· Updated Jun 16, 2026
CVE-2012-3238
CVE-2012-3238
Description
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
Affected products
11- cpe:2.3:a:astaro:security_gateway_software:*:*:*:*:*:*:*:*Range: <=8.3
cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*range: <=8.3
- cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*
cpe:2.3:h:astaro:security_gateway:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:astaro:security_gateway:*:*:*:*:*:*:*:*
- (no CPE)range: <8.305
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.