11 lines
No EOL
701 B
Text
11 lines
No EOL
701 B
Text
source: http://www.securityfocus.com/bid/47902/info
|
|
|
|
CiscoWorks Common Services is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
This issue is being monitored by Cisco Bug ID CSCto12704.
|
|
|
|
CiscoWorks Common Services 3.3 and prior are vulnerable.
|
|
|
|
http://www.example.com/cwhp/device.center.do?device=&72a9f"><script>alert(1)</script>5f5251aaad=1 |