CVE-2012-5053 Information

Description

Cross-site scripting (XSS) vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3 NetR5 NetR8 and NetR9 before 4.70 and NetRS before 1.3-2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html http://trl.trimble.com/docushare/dsweb/Get/Document-636664/NetRS_1203-2_RelNotes.pdf http://trl.trimble.com/docushare/dsweb/Get/Document-644791/Infrastructure_GNSS-SeriesReceivers_4.70_RelNotes.pdf