CVE-2006-1960 Information
Description
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML possibly via the displayMsg parameter to archiveApplyDisplay.jsp aka bug ID CSCsc01095.
Reference
http://secunia.com/advisories/19736 http://securitytracker.com/id?1015965 http://www.assurance.com.au/advisories/200604-cisco.txt http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml http://www.osvdb.org/24812 http://www.securityfocus.com/archive/1/431367/30/5490/threaded http://www.securityfocus.com/archive/1/431371/30/5490/threaded http://www.securityfocus.com/bid/17604 http://www.vupen.com/english/advisories/2006/1434 https://exchange.xforce.ibmcloud.com/vulnerabilities/25883
Share on: