CVE-2006-1960

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Solution Engine
Vendor: CVE Published:; 21 April 2006

Summary

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.

References

http://www.assurance.com.au/advisories/200604-cisco.txt

x_refsource_MISC

http://www.securityfocus.com/bid/17604

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/431371/30/5490/thr...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Apr 21, 2006
Vulnerability Reserved
Apr 21, 2006