Lucene search
Sense of SecurityEDB-ID:35763HistoryJun 18, 2011 - 12:00 a.m.
Cisco Unified Operations Manager 8.5 - 'iptm/ddv.do?deviceInstanceName' Cross-Site Scripting
2011-06-1800:00:00
Sense of Security
www.exploit-db.com
14
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/47901/info
Cisco Unified Operations Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials. Other attacks may also be possible.
This issue is being tracked by Cisco Bug ID CSCtn61716.
Cisco Unified Operations Manager versions prior to 8.6 are vulnerable.
http://www.example.com/iptm/ddv.do?deviceInstanceName=f3806"%3balert(1)//9b92b050cf5&deviceC
apability=deviceCap
http://www.example.com/iptm/ddv.do?deviceInstanceName=25099<script>alert(1)</script>f813ea8c
06d&deviceCapability=deviceCapRelated
cvelist
cvelist
CVE-2011-0959
2011-05-20 22:00:00
prion
prion
Cross site scripting
2011-05-20 22:55:00
exploitdb
exploitdb
nvd
nvd
CVE-2011-0959
2011-05-20 22:55:02
cve
cve
CVE-2011-0959
2011-05-20 22:55:02
cisco
cisco
seebug
seebug
Cisco Unified Operations Manager Multiple Vulnerabilities
2011-05-20 00:00:00
packetstorm
packetstorm
Cisco Unified Operations Manager XSS / SQL Injection / Directory Traversal
2011-05-18 00:00:00
securityvulns
securityvulns
Cisco Unified Operations Manager multiple security vulnerabilities
2011-05-21 00:00:00
Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
2011-05-21 00:00:00
exploitpack
exploitpack
Cisco Unified Operations Manager - Multiple Vulnerabilities
2011-05-18 00:00:00
zdt
zdt
Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
2011-05-18 00:00:00
nessus
nessus
Cisco Unified Operations Manager < 8.6 Multiple Vulnerabilities
2011-10-13 00:00:00