264 matches found
CVE-2015-0706
Cisco FireSIGHT Management Center/Open Redirect: A vulnerability in the web framework allows an unauthenticated, remote attacker to inject a crafted HTTP header, causing users to be redirected to arbitrary sites and enabling phishing. Affected are FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6...
CVE-2015-0707
Cross-site scripting XSS vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425...
Cisco FireSIGHT Management Center Web Framework Stored Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco FireSIGHT Management Center MC could allow an authenticated, remote attacker to execute a stored cross-site scripting XSS attack against the user of the web interface. The vulnerability is due to improper sanitization of parameter values. An attacker...
Cisco FireSIGHT Management Center Web Framework HTTP Header Redirection Vulnerability
A vulnerability in the web framework of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to inject a crafted HTTP header that causes users to be redirected to a malicious website. The vulnerability is due to insufficient validation of user input before it is used ...