5 matches found
CVE-2018-0208
CVE-2018-0208 affects Cisco Registered Envelope Service (cloud based) web-based management interface. The issue is insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scripting (XSS) against a user of the interface. Exploitation require...
CVE-2017-12291
The CVE-2017-12291 issue affects Cisco’s Cloud-based Cisco Registered Envelope Service web interface. The vulnerability set stems from insufficient validation of user-supplied input in the web-based management UI, enabling an unauthenticated, remote attacker to perform cross-site scripting (XSS) ...
CVE-2017-12290
CVE-2017-12290 affects Cisco Registered Envelope Service web interface. The issue involves multiple XSS and URL-redirect vulnerabilities due to insufficient input validation, allowing unauthenticated, remote attackers to execute arbitrary script code or steal browser-based information by luring u...
CVE-2017-12292
Cisco Registered Envelope Service (cloud-based) web interface contains multiple cross-site scripting (XSS) vulnerabilities due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could lure a user via a malicious link or crafted HTTP request to execute arbitrary...
CVE-2017-12322
The CVE-2017-12322 issue concerns Cisco Registered Envelope Service (cloud-based web interface). Multiple vulnerabilities allow unauthenticated, remote attackers to perform cross-site scripting (XSS) or redirect users to malicious pages due to insufficient validation of user-supplied input. An at...