1098 matches found
CVE-2018-0219
The CVE-2018-0219 issue affects Cisco Unified Computing System (UCS) Director in its web-based management interface. The root cause is insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to cause a cross-site scripting (XSS) condition by tricking a user in...
CVE-2018-0144
A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
CVE-2018-0220
A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...
CVE-2018-0208
A vulnerability in the web-based management interface of the cloud based Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is...
CVE-2018-0210
Cisco Data Center Network Manager (DCNM) contains a CSRF vulnerability that could allow an unauthenticated, remote attacker to cause arbitrary actions on an affected device by inducing a user to click a crafted link. The issue stems from insufficient CSRF protections in the web-based management i...
CVE-2018-0208
CVE-2018-0208 affects Cisco Registered Envelope Service (cloud based) web-based management interface. The issue is insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scripting (XSS) against a user of the interface. Exploitation require...
CVE-2018-0220
A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...
CVE-2018-0148
A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller IMC Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected...
CVE-2018-0206
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...
CVE-2018-0148
CVE-2018-0148 affects Cisco UCS Director Software and Cisco IMC Supervisor Software, where the web-based management interface is vulnerable to cross-site request forgery (CSRF). An unauthenticated, remote attacker can induce an authenticated user to click a malicious link, enabling arbitrary acti...
CVE-2018-0206
The CVE affects Cisco Unified Communications Manager (CUCM) web-based management interface. It stems from insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to trigger a reflected cross-site scripting (XSS) attack by guiding a user to click a crafted link...
CVE-2018-0129
CVE-2018-0129 is a reflected cross-site scripting (XSS) vulnerability in Cisco Data Center Analytics Framework (DCAF) web-based management interface. Unauthenticated, remote attacker could lure a user to click a crafted link, triggering arbitrary script execution in the user’s browser context or ...
Cisco Data Center Analytics Framework Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...
Cross site scripting
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet PoE and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attac...
CVE-2018-0091
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...
CVE-2018-0091
Cisco ISE DOM-based XSS (CVE-2018-0091) affects the web-based management interface of Cisco Identity Services Engine. The vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attacker to entice a user to click a malicious link and run arbit...
Cisco WAP150 Wireless Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet PoE and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attac...
Cisco Identity Services Engine DOM Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...
CVE-2018-0118
The CVE-2018-0118 issue affects the web-based management interface of Cisco Unified Communications Manager, where insufficient validation of user-supplied input enables an unauthenticated, remote attacker to perform cross-site scripting (XSS) by persuading a user to click a crafted link. The impa...
Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...