Cross site scripting

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

CVE-2017-6702

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCve15285. Known Affected Releases: 11.51...

CVE-2017-6715

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. Affected Products: Cisco Firepower Management Center Releases 5.4.1.x and prior. More...

CVE-2017-6717

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. More Information: CSCvc38801. Known Affected Releases: 6.0.1.3 6.2.1. Known Fixed Releases: 6.2...

CVE-2017-6716

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

CVE-2017-6724

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCuw65843. Known Affected Releases: 3.10.0...

CVE-2017-6702

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCve15285. Known Affected Releases: 11.51...

CVE-2017-6724

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCuw65843. Known Affected Releases: 3.10.0...

CVE-2017-6725

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability (CVE-2017-6725) affects Cisco Prime Infrastructure’s web interface. The issue arises in the web framework code where insufficient input validation allows an unauthenticated, remote attacker to perform an XSS against ...

CVE-2017-6724

CVE-2017-6724 concerns Cisco Prime Infrastructure Web Framework Code, where insufficient input validation allows an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web interface. Affected release noted as 3.1(0.0). The vulnerability is caused ...

CVE-2017-6717

Cisco Firepower Management Center (FMC) is affected by CVE-2017-6717, a cross-site scripting (XSS) vulnerability in the FMC web framework. An authenticated, remote attacker could exploit this via the web interface to target a FMC user. Affected releases include 6.0.1.3 and 6.2.1; fixed in 6.2.1 (...

CVE-2017-6715

CVE-2017-6715 describes an XSS vulnerability in the web framework of Cisco Firepower Management Center. An authenticated, remote attacker could exploit the issue via crafted input in the web interface to execute script code in a user’s browser. Affected products are Cisco Firepower Management Cen...

CVE-2017-6716

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

CVE-2017-6725

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCuw65833 CSCuw65837. Known Affected Releases: 2.22...

CVE-2017-6716

The CVE-2017-6716 issue affects Cisco Firepower Management Center (FMC) web framework. A stored XSS vulnerability exists in FMC’s web interface that can be exploited by an authenticated, remote attacker against users, with affected releases prior to 6.0.0.0 (notably 5.4.1.6). The root cause is im...

Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (CNVD-2017-13826)

Cisco Prime Infrastructure PI is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. solution. A cross-site scripting vulnerability exists in the Web framework code in Cisco PI, which arises from the program failing to...

Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (CNVD-2017-13825)

Cisco Prime Infrastructure PI is a Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technology for wireless management. solution. A cross-site scripting vulnerability exists in the Web framework code in Cisco PI, which arises from the program failing to adequatel...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2017-15836)

Cisco Firepower Management Center is a new generation of firewall management center software from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the Web Framework in Cisco Firepower Management Center 5.4.1 and prior versions, which arises from the program failing to...

Cisco SocialMiner Cross-Site Scripting Vulnerability (CNVD-2017-15831)

Cisco SocialMiner is the social media customer care solution. A security vulnerability exists in the web framework of Cisco SocialMiner that allows an unauthenticated, remote attacker to perform cross-site scripting attacks on the web interface of the affected system...