Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Videoscape Distribution Suite Service Manager VDS-SM 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552...

CVE-2016-6418

CVE-2016-6418 is a cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS-SM) versions 3.0–3.4.0. The issue arises from insufficient validation of user-supplied input in the web-based management interface, allowing a remote attacker to inject arbitrar...

CVE-2016-6418

Cross-site scripting XSS vulnerability in Cisco Videoscape Distribution Suite Service Manager VDS-SM 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552...

Cisco Videoscape Distribution Suite Service Manager Reflective Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Videoscape Distribution Suite Service Manager VDS-SM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

CVE-2015-6417

CVE-2015-6417 affects Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier. The root cause is failure to consistently enforce RBAC for the back-end database, enabling an authenticated remote user to read and write database entries via the GUI or a crafted HTTP request. T...

CVE-2015-6417

Cisco Videoscape Distribution Suite Service Manager VDS-SM 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via 1 the GUI or 2 a crafted HTTP request, aka Bug ID CSCuv87025...