Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (CNVD-2020-00295)

Cisco Prime Infrastructure Software is the United States Cisco Cisco company's set of basic network lifecycle management solutions. The product integrates Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS. A cross-site scripting vulnerability exists in the web-bas...

The vulnerability of the Cisco Prime Network lifecycle management software allows a hacker to inject any HTML or JavaScript code into the loaded page.

The vulnerability of the Cisco Prime Network lifecycle management software is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to inject arbitrary HTML or JavaScript code into the uploaded page through a specially crafted link...

The vulnerability of the Cisco Prime Infrastructure network lifecycle management software allows a hacker to carry out a cross-site scripting attack.

The vulnerability in the HTTP web interface of the Cisco Prime Infrastructure network lifecycle management software exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...