CVE-2012-4745 Information

Description

Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-04/0125.html http://www.securityfocus.com/bid/53048 http://yehg.net/lab/pr0js/advisories/5Bacuity_cms2.6.x_(asp)5D_xss https://exchange.xforce.ibmcloud.com/vulnerabilities/74919