Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/viewAlert.x?alertId=39171 | Vendor Advisory |
http://www.securitytracker.com/id/1032482 | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2015-06-04 10:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-0766
Mitre link : CVE-2015-0766
CVE.ORG link : CVE-2015-0766
JSON object : View
Products Affected
cisco
- firesight_system_software
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')