Cisco Broadcast Access Center for Telco and Wireless Cross-Site Scripting Vulnerability

A vulnerability in the web framework of the Cisco Broadcast Access Center for Telco and Wireless BAC-TW could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco BAC-TW web interface. The vulnerability is due to insufficient input...

Cisco Broadcast Access Center for Telco and Wireless Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of the Cisco Broadcast Access Center for Telco and Wireless BAC-TW could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the Cisco BAC-TW web interface. The vulnerability is due to insufficient CSRF...

CVE-2014-2190

Cross-site request forgery CSRF vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389...

Cross site scripting

Cross-site scripting XSS vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389...

CVE-2014-2191

The CVE-2014-2191 entry affects Cisco’s Broadcast Access Center for Telco and Wireless (BAC-TW). It is a Cross-Site Scripting (XSS) vulnerability in the BAC-TW web framework caused by insufficient input validation of a parameter, enabling an unauthenticated, remote attacker to inject arbitrary sc...

CVE-2014-2191

Cross-site scripting XSS vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113...

CVE-2014-2190

Cisco BAC-TW’s web framework suffers a CSRF vulnerability where an unauthenticated attacker can trick an authenticated user into performing changes on the BAC-TW interface. The issue stems from insufficient CSRF protections, enabling cross-site requests that may modify BAC-TW settings. Cisco’s ad...