Cross-Site Scripting Flaw in Cisco Security Monitoring System
CVE-2013-5563

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Monitoring Analysis And Response System
Vendor: CVE Published:; 6 November 2013

What is CVE-2013-5563?

A cross-site scripting (XSS) vulnerability exists within the Query/NewQueryResult.jsp file of Cisco Security Monitoring, Analysis and Response System (CS-MARS). This flaw allows remote attackers to inject arbitrary web scripts or HTML code by manipulating the isnowLatency parameter. Exploitation of this vulnerability could lead to unauthorized script execution in the context of users accessing the platform, potentially compromising sensitive data and enabling further attacks.

References

http://archives.neohapsis.com/archives/bugtraq/2013-11/00...

mailing-listx_refsource_BUGTRAQ

http://research.smartnetsecurity.net/advisory/-smt-sa-201...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 6, 2013