CVE-2012-6559 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment (2) mac (3) graphtype (4) name or (5) type parameter to stats.php; or (6) comment parameter to deviceadd.php.

Reference

http://www.exploit-db.com/exploits/18900 http://www.securityfocus.com/bid/53617 https://exchange.xforce.ibmcloud.com/vulnerabilities/75761 https://exchange.xforce.ibmcloud.com/vulnerabilities/75762