CVE-2012-3238
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
Date published : 2012-07-09
http://www.astaro.com/en-uk/blog/up2date/8305
http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html