Cross-site Scripting Vulnerability in Cisco MediaSense
CVE-2014-0670

Currently unrated

Key Information:

Vendor: Cisco
Status: Mediasense
Vendor: CVE Published:; 22 January 2014

Summary

The vulnerability in Cisco MediaSense affects the Search and Play interface, where insufficient input validation allows remote attackers to inject arbitrary web scripts or HTML through an unspecified parameter. This can lead to unauthorized actions within the user's session, potentially compromising sensitive user data and application security. Organizations using Cisco MediaSense should apply appropriate updates and implement security measures to mitigate this risk.

References

http://www.securitytracker.com/id/1029667

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/56563

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 22, 2014
Vulnerability Reserved
Jan 2, 2014