6666 matches found
Cisco IP Phone Cross-Site Scripting Vulnerability (CNVD-2024-45292)
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. The Cisco IP Phone suffers from a cross-site scripting vulnerability that stems from the affected device's WebUI not properly validating user-supplied input. An authenticated,...
CVE-2024-20533
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
CVE-2024-20530
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An...
CVE-2024-20514
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...
CVE-2024-20525
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An...
CVE-2024-20538 Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An...
CVE-2024-20538 Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An...
CVE-2024-20538
CVE-2024-20538 concerns Cisco Identity Services Engine (ISE) web-based management interface. Documents confirm a cross-site scripting (XSS) vulnerability in the ISE web UI caused by insufficient input validation, enabling an unauthenticated, remote attacker to entice a user to click a crafted lin...
CVE-2024-20530 Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An...
CVE-2024-20530
Cisco ISE contains a web-based management interface XSS vulnerability (CVE-2024-20530). The issue arises from improper input validation in the interface, enabling an unauthenticated, remote attacker to lure a user via a crafted link to execute arbitrary script code in the user’s browser or access...
CVE-2024-20511
CVE-2024-20511 describes a cross-site scripting (XSS) vulnerability in the web-based management interfaces of Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The issue stems from insufficient input validation in the web UI, allowing an...
CVE-2024-20511 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user o...
CVE-2024-20511 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user o...
Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2024-43203)
Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, which arises from insufficient validation of user-supplied input in the web management interface, and can ...
Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2024-43202)
Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, which arises from insufficient validation of user-supplied input in the web management interface, and can ...
CVE-2024-20372
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to...
CVE-2024-20415
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...
CVE-2024-20415
Cisco Firepower Management Center (FMC) web interface suffers reflected XSS due to insufficient validation of user-supplied input. Affected component is the web-based management UI; exploitation by an unauthenticated, remote attacker could run arbitrary script code in the interface context or acc...
CVE-2024-20410
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...
CVE-2024-20410
Cisco Firepower Management Center (FMC) web-based management interface is affected by a cross-site scripting (XSS) vulnerability due to insufficient input validation. The issue allows an unauthenticated, remote attacker to craft input in interface data fields that could execute arbitrary script c...