- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 35779
- Проверка EDB
-
- Пройдено
- Автор
- SENSE OF SECURITY
- Тип уязвимости
- REMOTE
- Платформа
- HARDWARE
- CVE
- cve-2011-0961
- Дата публикации
- 2011-05-18
Код:
source: https://www.securityfocus.com/bid/47902/info
CiscoWorks Common Services is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and launch other attacks.
This issue is being monitored by Cisco Bug ID CSCto12704.
CiscoWorks Common Services 3.3 and prior are vulnerable.
http://www.example.com/cwhp/device.center.do?device=&72a9f"><script>alert(1)</script>5f5251aaad=1- Источник
- www.exploit-db.com
