CVE-2019-1875
Cisco Prime Service Catalog’s web-based management interface is vulnerable to cross-site scripting (XSS) due to insufficient validation of user-supplied input. An authenticated, remote attacker can craft strings added to multiple configuration fields to execute arbitrary script code within the in...