2 matches found
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface do...
CVE-2017-12248
CVE-2017-12248 concerns Cisco Unified Intelligence Center Software. The issue is a cross-site scripting (XSS) vulnerability caused by insufficient input validation in the web framework code, allowing an unauthenticated, remote attacker to craft a malicious link or intercept a user request to inje...