VYPR
Unrated severityNVD Advisory· Published Jul 9, 2012· Updated Jun 16, 2026

CVE-2012-3238

CVE-2012-3238

Description

Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.

Affected products

11
  • cpe:2.3:a:astaro:security_gateway_software:*:*:*:*:*:*:*:*
    Range: <=8.3
  • cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*range: <=8.3
    • cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*
    • cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*
  • cpe:2.3:h:astaro:security_gateway:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:astaro:security_gateway:*:*:*:*:*:*:*:*
    • (no CPE)range: <8.305

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.