CVE-2006-3289 Information

Description

Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a \malicious URL.

Reference

http://secunia.com/advisories/20870 http://securitytracker.com/id?1016398 http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml http://www.osvdb.org/26880 http://www.securityfocus.com/bid/18701 http://www.vupen.com/english/advisories/2006/2583 https://exchange.xforce.ibmcloud.com/vulnerabilities/27441