Cross-Site Scripting Vulnerabilities in Cisco Prime Security Manager
CVE-2014-2118

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Security Manager
Vendor: CVE Published:; 27 March 2014

Summary

Cisco Prime Security Manager has multiple vulnerabilities related to cross-site scripting in its dashboard HTML documents. Attackers can exploit these weaknesses to inject arbitrary web scripts or HTML into the pages through unspecified parameters, thereby compromising user sessions and potentially escalating their access privileges. Such vulnerabilities underscore the importance of securing web applications against XSS attacks to mitigate risks associated with data exposure and user trust.

References

http://www.securityfocus.com/bid/66488

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1029968

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Mar 27, 2014
Vulnerability Reserved
Feb 25, 2014