102 matches found
Cisco IOS XE Software Web UI Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based user interface web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web UI of the affected software. The vulnerabilities are due to insufficient input validation...
Cross site scripting
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerability is due to...
CVE-2018-0145
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerability is due to...
CVE-2018-0200
A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based interface of an affected product. The vulnerability is due to insufficient validation of...
CVE-2018-0129
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...
CVE-2018-0128
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...
CVE-2017-12366
Cisco WebEx Meeting Center is affected by CVE-2017-12366 through insufficient input validation of parameters sent to the web server, enabling an unauthenticated, remote attacker to perform cross-site scripting (XSS). Exploitation requires convincing a user to follow a malicious link or intercepti...
CVE-2017-12294
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-12294
Cisco WebEx Meetings Server is affected by CVE-2017-12294, a cross-site scripting (XSS) vulnerability caused by insufficient input validation in certain web-server parameters. An authenticated, remote attacker could lure a user to a crafted link or intercept a request to inject malicious script, ...
Cross site scripting
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-12298
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
Cross site scripting
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-12296
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-6762
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.69, 11.00, and 11.01 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerability ...
Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cisco Prime Infrastructure and Evolved Programmable Network Manager DOM Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM based environment or client-side cross-site scripting XSS attack against a us...
Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some...
Cisco SocialMiner Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation. An attacker could exploit th...
Cisco Email Security and Content Security Management Appliance Message Tracking Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an...