Cisco Prime Service Catalog Open Redirect Vulnerability

Cisco Prime Service Catalog PSC is a service catalog solution from Cisco USA that provides all IT services through a single portal. The solution supports automated ordering of a unified service catalog for computing, networking, storage, and other data center resources. An open redirection...

CVE-2017-3810

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0R2tanggula...

Information disclosure

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0R2tanggula...

CVE-2017-3810

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0R2tanggula...

CVE-2017-3810

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0R2tanggula...

CVE-2017-3810

The CVE-2017-3810 issue affects Cisco Prime Service Catalog Web framework. An authenticated, remote attacker could trigger a web URL redirect to a malicious site due to insufficient input validation on URL parameters, enabling phishing-like redirections for users already logged in. Public descrip...

CVE-2016-9200

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.51 10.6...

CVE-2016-9200

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.51 10.6...

Cross site scripting

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.51 10.6...

CVE-2016-9200

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.51 10.6...

CVE-2016-9200

Cisco Prime Collaboration Assurance is affected by an XSS vulnerability in its web framework code. The issue allows an unauthenticated, remote attacker to inject scripts via web input due to insufficient input validation, potentially impacting users of the web interface. Affected releases include...

Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. The vulnerability is due to insufficient input validation of some parameters that ar...

[SECURITY] Fedora 25 Update: python-django-1.9.11-1.fc25

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 24 Update: python-django-1.9.11-1.fc24

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

CVE-2016-6453

A vulnerability in the web framework code of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.30.876...

CVE-2016-6451

Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCut43061 CSCut43066...

Cross site scripting

A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System IPICS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. More Information: CSCva47092. Known Affected Releases: 4.101...

Cross site scripting

Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCut43061 CSCut43066...

Sql injection

A vulnerability in the web framework code of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.30.876...

CVE-2016-6429

A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System IPICS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. More Information: CSCva47092. Known Affected Releases: 4.101...