5 matches found
Cisco BBSM AccesCodeStart.asp文件跨站脚本漏洞
BUGTRAQ ID: 29191 CVECAN ID: CVE-2008-2165 Cisco Building Broadband Service Manager(BBSM)是基于软件的服务创建平台,可为政府部门提供高度自动化的、非常方便的宽带服务方法。 Cisco BBSM的AccessCodeStart.asp页面没有正确地过滤对msg参数的输入便返回给了用户,这允许远程攻击者通过提交恶意URL请求执行跨站脚本攻击,导致在用户浏览器会话中执行任意HTML和脚本代码。 Cisco BBSM 5.3 Cisco -----...
CVE-2008-2165
Cross-site scripting XSS vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service Manager BBSM Captive Portal 5.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2008-2165
Cisco BBSM Captive Portal 5.3 is affected by a non-persistent XSS in AccessCodeStart.asp where the msg parameter is not properly filtered, allowing remote attackers to inject arbitrary script via crafted URLs. Impact is user browser execution of injected code; Cisco has released a patch/update fo...
Cisco BBSM Captive Portal Cross-site Scripting
Title: Cisco BBSM Captive Portal Cross-site Scripting ------------------------------------------------------------- Vendor: Cisco Systems Vendor URL: www.cisco.com Vendor Response: Vendor has been notified and has since addressed the issue in the latest software release. Description: A...
Cisco Building Broadband Service Manager Captive Portal crossite scripting
Crossite scripting with http://host/ekgnkm/AccessCodeStart.asp?msg=3Cscript3Ealert22XSS22;3C/script3E...