CVE-2006-3289

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 28 June 2006

Summary

Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL".

References

http://www.vupen.com/english/advisories/2006/2583

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/20870

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/27441

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 28, 2006
Vulnerability Reserved
Jun 28, 2006