Cross-Site Scripting Vulnerability in Cisco Unified Operations Manager
CVE-2011-0962
Currently unrated
Summary
A cross-site scripting vulnerability exists in the ServerHelpEngine component of Cisco Unified Operations Manager's Common Services Device Center. This issue enables remote attackers to inject arbitrary web scripts or HTML through the 'tag' parameter. Exploitation can lead to various attacks, including session hijacking and unauthorized actions on behalf of users. This vulnerability affects versions of Cisco Unified Operations Manager prior to 8.6.
References
EPSS Score
10% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved