Lucene search
K

208 matches found

NVD
NVD
added 2025/07/02 5:15 p.m.11 views

CVE-2025-20307

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS0.00209EPSS
Exploits0References1
OSV
OSV
added 2025/07/02 5:15 p.m.6 views

CVE-2025-20307

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS6AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/02 4:12 p.m.3 views

CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS5.8AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/07/02 4:12 p.m.30 views

CVE-2025-20307

Cisco BroadWorks CommPilot Application Software web-based management interface contains an authenticated XSS vulnerability caused by insufficient input validation. An attacker with valid administrative credentials could inject malicious code into specific pages, potentially executing script in th...

4.8CVSS5.8AI score0.00209EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/02 4:12 p.m.9 views

CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS0.00209EPSS
Exploits0References1
Cisco
Cisco
added 2025/07/02 4:0 p.m.7 views

Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS6.2AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.3 views

Cisco BroadWorks Application Delivery Platform 跨站脚本漏洞

Cisco BroadWorks Application Delivery Platform is an application delivery platform from Cisco. A cross-site scripting vulnerability exists in Cisco BroadWorks Application Delivery Platform that stems from insufficient validation of inputs to the web-based management interface, which could lead to...

4.8CVSS6AI score0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.8 views

PT-2025-27654 · Cisco · Cisco Broadworks Application Delivery Platform

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks Application Delivery Platform affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks agains...

5.5CVSS5.5AI score0.00209EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.5 views

The vulnerability in the web interface of Cisco BroadWorks Application Delivery Platform allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco BroadWorks Application Delivery Platform exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00284EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/05/23 9:36 a.m.8 views

CVE-2024-20270

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

5.4CVSS5.9AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.16 views

CVE-2023-20020

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...

8.6CVSS7.1AI score0.00861EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.10 views

CVE-2023-20238

A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...

10CVSS7.5AI score0.15324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.8 views

CVE-2023-20204

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface...

5.4CVSS6AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.5 views

CVE-2023-20125

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service DoS condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An...

8.6CVSS7AI score0.00914EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.7 views

CVE-2023-20216

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploi...

7.8CVSS7.2AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:45 a.m.8 views

CVE-2023-20210

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS7.1AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:50 p.m.5 views

CVE-2022-20948

A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker cou...

5.4CVSS6.1AI score0.00418EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.8 views

The vulnerability of the SIP processing subsystem of the Cisco BroadWorks platform allows a attacker to trigger a service failure.

The vulnerability of the SIP processing subsystem in Cisco BroadWorks collaboration platforms is related to uncontrolled memory consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS8AI score0.00828EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2025/03/04 4:0 p.m.10 views

Cisco Webex for BroadWorks Credential Exposure Vulnerability

A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for SIP communication. This vulnerability is due to the exposure of sensitive information in the SIP headers. ...

6.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/21 4:24 p.m.7 views

CVE-2025-20211

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface do...

6.1CVSS6.7AI score0.00284EPSS
Exploits0References1
Rows per page
Query Builder