CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
86.1%
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | wireless_lan_solution_engine | 2.0 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:*:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.0 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:express:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.1 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:*:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.1 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:express:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.2 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:*:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.2 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:express:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.3 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:*:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.3 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:express:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.4 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:*:*:*:*:*:* |
cisco | wireless_lan_solution_engine | 2.4 | cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:express:*:*:*:*:* |
secunia.com/advisories/19736
securitytracker.com/id?1015965
www.assurance.com.au/advisories/200604-cisco.txt
www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml
www.osvdb.org/24812
www.securityfocus.com/archive/1/431367/30/5490/threaded
www.securityfocus.com/archive/1/431371/30/5490/threaded
www.securityfocus.com/bid/17604
www.vupen.com/english/advisories/2006/1434
exchange.xforce.ibmcloud.com/vulnerabilities/25883