CVE-2007-5582 Information
Description
Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS) possibly 2.6 and earlier when using CiscoWorks Common Services 3.0.x and 3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Reference
http://secunia.com/advisories/27902 http://securityreason.com/securityalert/3449 http://securitytracker.com/id?1019043 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289 http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/ http://www.securityfocus.com/archive/1/484609/100/0/threaded http://www.securityfocus.com/bid/26708 http://www.vupen.com/english/advisories/2007/4102 https://exchange.xforce.ibmcloud.com/vulnerabilities/38862
Share on: