Cross-Site Scripting Vulnerability in Cisco Content Security Management
CVE-2013-3396

Currently unrated

Key Information:

Vendor
Cisco
Status
Content Security Management Appliance
Vendor
CVE Published:
26 June 2013

Summary

The web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices contains a cross-site scripting (XSS) vulnerability. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the affected application through unspecified parameters. Successful exploitation could lead to unauthorized actions being executed in a user's browser and the potential exposure of sensitive data.

References

http://www.securityfocus.com/bid/60829
vdb-entryx_refsource_BID
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.