Lucene search
Sense of SecurityEDB-ID:35779HistoryMay 18, 2011 - 12:00 a.m.
CiscoWorks Common Services Framework 3.1.1 Help Servlet - Cross-Site Scripting
2011-05-1800:00:00
Sense of Security
www.exploit-db.com
17
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/47902/info
CiscoWorks Common Services is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and launch other attacks.
This issue is being monitored by Cisco Bug ID CSCto12704.
CiscoWorks Common Services 3.3 and prior are vulnerable.
http://www.example.com/cwhp/device.center.do?device=&72a9f"><script>alert(1)</script>5f5251aaad=1Related
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2011-0961
2011-05-20 22:55:02
nvd
nvd
CVE-2011-0961
2011-05-20 22:55:02
cvelist
cvelist
CVE-2011-0961
2011-05-20 22:00:00
prion
prion
Cross site scripting
2011-05-20 22:55:00
cisco
cisco
seebug
seebug
Cisco Unified Operations Manager Multiple Vulnerabilities
2011-05-20 00:00:00
exploitdb
exploitdb
Cisco Unified Operations Manager - Multiple Vulnerabilities
2011-05-18 00:00:00
packetstorm
packetstorm
Cisco Unified Operations Manager XSS / SQL Injection / Directory Traversal
2011-05-18 00:00:00
securityvulns
securityvulns
Cisco Unified Operations Manager multiple security vulnerabilities
2011-05-21 00:00:00
Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
2011-05-21 00:00:00
exploitpack
exploitpack
Cisco Unified Operations Manager - Multiple Vulnerabilities
2011-05-18 00:00:00
zdt
zdt
Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
2011-05-18 00:00:00
nessus
nessus
Cisco Unified Operations Manager < 8.6 Multiple Vulnerabilities
2011-10-13 00:00:00