2 matches found
Cisco SD-WAN vManage API Stored XSS (cisco-sa-vmanage-xss-eN75jxtW)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a stored cross-site scripting vulnerability due to the API not properly validating user-supplied input. An authenticated, remote attacker can exploit this, by sending malicious input to the API, to execute...
CVE-2021-1507
Cisco SD-WAN vManage API stores inputs XSS vulnerability affecting authenticated remote users. The issue arises because the API does not properly validate input, enabling execution of arbitrary script code in the web UI context or access to browser-based information. Affected product: Cisco SD-WA...