Cisco: CISCO-SA-20110518-CVE-2011-0961
May 18, 2011 - 1:17 p.m.

CiscoWorks Common Services Framework Help Servlet Cross-Site Scripting Vulnerability

2011-05-18 13:17:48
tools.cisco.com

CVSS2: 4.3
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS: 0.059
Percentile: 93.5%

CiscoWorks Common Services contains a cross-site scripting vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks.

The vulnerability is due to improper validation of malformed user input supplied via URL parameters to the affected application. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious link. If successful, the attacker could execute arbitrary script or HTML code in the user’s browser in the security context of the affected site.

Exploit code is available.

Cisco has confirmed this vulnerability and has released updated software.

To exploit this vulnerability, an attacker must convince a user to follow a malicious link. The attacker may provide links in e-mail or instant messages.

Functional exploit code that demonstrates the ability to execute malicious script in a user’s browser is publicly available.

This vulnerability was discovered and reported to Cisco Systems by Brett Gervasoni of Sense of Security.

Affected configurations

Vendor: cisco
Product: ciscoworks_common_services
Version: any
CPE: cpe:2.3:a:cisco:ciscoworks_common_services:any:*:*:*:*:*:*:*
