2 matches found
CVE-2017-12348
Cisco UCS Central Software web-based management interface contains cross-site scripting (XSS) vulnerabilities (CVE-2017-12348) that could allow a remote attacker to execute script in the user’s browser or hijack a session ID. Root cause: inadequate validation of user-submitted input in the web in...
CVE-2017-12348
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs:...