208 matches found
CVE-2025-20307
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20307
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20307
Cisco BroadWorks CommPilot Application Software web-based management interface contains an authenticated XSS vulnerability caused by insufficient input validation. An attacker with valid administrative credentials could inject malicious code into specific pages, potentially executing script in th...
CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
Cisco BroadWorks Application Delivery Platform 跨站脚本漏洞
Cisco BroadWorks Application Delivery Platform is an application delivery platform from Cisco. A cross-site scripting vulnerability exists in Cisco BroadWorks Application Delivery Platform that stems from insufficient validation of inputs to the web-based management interface, which could lead to...
PT-2025-27654 · Cisco · Cisco Broadworks Application Delivery Platform
Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks Application Delivery Platform affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks agains...
The vulnerability in the web interface of Cisco BroadWorks Application Delivery Platform allows a attacker to execute XSS attacks.
The vulnerability in the web interface of the Cisco BroadWorks Application Delivery Platform exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2024-20270
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...
CVE-2023-20020
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...
CVE-2023-20238
A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...
CVE-2023-20204
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface...
CVE-2023-20125
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service DoS condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An...
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploi...
CVE-2023-20210
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...
CVE-2022-20948
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker cou...
The vulnerability of the SIP processing subsystem of the Cisco BroadWorks platform allows a attacker to trigger a service failure.
The vulnerability of the SIP processing subsystem in Cisco BroadWorks collaboration platforms is related to uncontrolled memory consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Cisco Webex for BroadWorks Credential Exposure Vulnerability
A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for SIP communication. This vulnerability is due to the exposure of sensitive information in the SIP headers. ...
CVE-2025-20211
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface do...