Multiple XSS Vulnerabilities in Cisco Connected Grid Network Management System

CVE-2013-1171

Summary

Multiple cross-site scripting (XSS) vulnerabilities exist within the element-list implementation of Cisco's Connected Grid Network Management System (CG-NMS). These vulnerabilities enable remote attackers to inject arbitrary web scripts or HTML, potentially compromising the integrity and confidentiality of affected systems. Exploitation may occur through unspecified vectors, which could lead to unauthorized actions being performed on behalf of users or the disclosure of sensitive information. Organizations utilizing CG-NMS should apply the latest security patches to mitigate these risks.

References