CVE-2016-1305

CVE-2016-1305 is a Cross-Site Scripting (XSS) vulnerability in Cisco APIC-EM 1.1. The issue stems from insufficient sanitization of HTML entities in the web framework, enabling remote attackers to inject arbitrary script/HTML via vectors involving HTML entities (Bug ID CSCux15511). The NVD listin...