Lucene search
K

4 matches found

Prion
Prion
added 2015/02/12 1:59 a.m.21 views

Cross site scripting

The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...

4.3CVSS6.8AI score0.01476EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2015/02/12 1:59 a.m.26 views

CVE-2014-2147

The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...

4.3CVSS6.4AI score0.01476EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/02/12 1:0 a.m.27 views

CVE-2014-2147

The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...

6.3AI score0.01476EPSS
Exploits0References5
CVE
CVE
added 2015/02/12 1:0 a.m.56 views

CVE-2014-2147

The CVE-2014-2147 issue affects Cisco Prime Infrastructure 2.1 and earlier, where the web interface does not properly restrict IFRAME use, due to insufficient HTML iframe protection. This enables cross-frame scripting (XFS) attacks, including clickjacking, via a crafted attacker-controlled page. ...

4.3CVSS6.5AI score0.01476EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder