PT-2011-18: Cross-Site Scripting in Arbor Peakflow X

Vulnerable software
Arbor Peakflow X
Version: 4.2.3 and earlier
Link: http://www.arbornetworks.com/

Severity level
Severity level: Medium
Impact: Cross-Site Scripting
Access Vector: Remote
CVSS v2:
  Base Score: 4.3
  Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE: CVE-2011-4636

Software description
The Arbor Networks Peakflow X solution ("Peakflow X") was purpose-built to meet the demands of the largest enterprises, addressing a wide range of external and internal security threats while maintaining business continuity. It constructs a system-wide view of the entire network, auto-learning host behaviors to determine who talks to whom, and how.

Vulnerability description
The specialists of the Positive Research Center have detected a Cross-Site Scripting vulnerability in Arbor Peakflow X.
XSS-vulnerable parameters are found on several web pages. The following parameters are vulnerable because the application does not sufficiently escape special characters before reflecting them into the page:
a. /explore/entityinfo/ (mode_state parameter):

How to fix
Update your software to the latest version.

Advisory status
01.07.2011 - Vendor is notified
19.07.2011 - Vendor gets vulnerability details
02.03.2012 - Vendor releases fixed version and details
31.10.2013 - Public disclosure

Credits
The vulnerability was detected by Maxim Tsoy, Positive Research Center (Positive Technologies Company).

References
http://en.securitylab.ru/lab/PT-2011-18
Reports on the vulnerabilities previously discovered by Positive Research:
http://www.ptsecurity.com/research/advisory/
http://en.securitylab.ru/lab/
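The root cause named above is insufficient escaping of a reflected query parameter. The following Python snippet is an added illustration, not code from the advisory or from Arbor Networks: it shows the weak pattern (a parameter interpolated into an HTML attribute as-is) beside the hardened one (HTML-escaped with html.escape), and uses a tiny tag counter to verify that the escaped rendering yields exactly one element. The host name, the template shape and the sample value are constructed for this example; the parameter name mode_state is the only detail taken from the advisory.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlparse

# Constructed sample request (hypothetical host and value; only the parameter
# name comes from the advisory). The value carries a quote and angle brackets,
# the characters that must never reach the page unescaped.
SAMPLE_URL = (
    "https://peakflow.example.invalid/explore/entityinfo/"
    "?mode_state=normal%22%3E%3Cb%3Einjected%3C%2Fb%3E"
)


def get_param(url: str, name: str) -> str:
    """Return the first value of query parameter `name`, or '' if absent."""
    query = parse_qs(urlparse(url).query)
    return query.get(name, [""])[0]


def render_unescaped(value: str) -> str:
    """Weak pattern: the raw parameter is dropped into an attribute value."""
    return f'<input name="mode_state" value="{value}">'


def render_escaped(value: str) -> str:
    """Hardened pattern: escape &, <, >, " and ' before interpolation.

    quote=True is required for attribute context; the default (quote=True in
    CPython) is kept explicit so a reviewer sees the intent.
    """
    return f'<input name="mode_state" value="{html.escape(value, quote=True)}">'


class _TagCounter(HTMLParser):
    """Collects the start tags a browser-like parser would see."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag, attrs) -> None:
        self.tags.append(tag)


def tags_in(markup: str) -> list[str]:
    """List the element names present in `markup`; a safe rendering of a
    single <input> must yield exactly ['input']."""
    parser = _TagCounter()
    parser.feed(markup)
    parser.close()
    return parser.tags


if __name__ == "__main__":
    value = get_param(SAMPLE_URL, "mode_state")
    print("unescaped ->", tags_in(render_unescaped(value)))  # ['input', 'b']
    print("escaped   ->", tags_in(render_escaped(value)))    # ['input']
```

The tag counter is a convenient regression check for a template: any rendering of a single control that produces more than one start tag means untrusted input has broken out of its attribute. Context matters, though; html.escape is correct for HTML text and attribute values, while a parameter placed inside a script block or a URL needs the encoding for that context instead.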