Cross-Site Scripting Vulnerability in Cisco Prime Network Registrar
CVE-2013-3394

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Network Registrar
Vendor: CVE Published:; 27 November 2013

Summary

A cross-site scripting vulnerability exists in the web interface of Cisco Prime Network Registrar versions 8.1 and earlier. This flaw allows remote attackers to inject arbitrary web scripts or HTML by exploiting crafted input fields. Successful exploitation may lead to unauthorized access to sensitive user information or manipulation of web session data. Organizations using affected versions should implement security measures to mitigate potential attacks.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 27, 2013
Vulnerability Reserved
May 6, 2013