4 matches found
Cross site scripting
The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...
CVE-2014-2147
The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...
CVE-2014-2147
The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...
CVE-2014-2147
The CVE-2014-2147 issue affects Cisco Prime Infrastructure 2.1 and earlier, where the web interface does not properly restrict IFRAME use, due to insufficient HTML iframe protection. This enables cross-frame scripting (XFS) attacks, including clickjacking, via a crafted attacker-controlled page. ...