CVE-2007-1467 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS) VPN Client Unified Personal Communicator MeetingPlace Unified MeetingPlace Unified MeetingPlace Express CallManager IP Communicator Unified Video Advantage Unified Videoconferencing 35xx products Unified Videoconferencing Manager WAN Manager Security Device Manager Network Analysis Module (NAM) CiscoWorks and related products Wireless LAN Solution Engine (WLSE) 2006 Wireless LAN Controllers (WLC) and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.

Reference

http://secunia.com/advisories/24499 http://securityreason.com/securityalert/2437 http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html http://www.securityfocus.com/archive/1/462932/100/0/threaded http://www.securityfocus.com/archive/1/462944/100/0/threaded http://www.securityfocus.com/bid/22982 http://www.securitytracker.com/id?1017778 http://www.vupen.com/english/advisories/2007/0973 https://exchange.xforce.ibmcloud.com/vulnerabilities/33024

Share on: