CVE-2017-3866
Cisco Prime Service Catalog exposes a cross-site scripting (XSS) vulnerability in its web framework. An unauthenticated, remote attacker could leverage insufficient input validation of web parameters to execute arbitrary scripts in a user’s browser. Affected release includes 11.1.2. The Cisco adv...