Cross-Site Scripting Vulnerability in Cisco Broadcast Access Center for Telco and Wireless
CVE-2014-2191

Currently unrated

Key Information:

Vendor: Cisco
Status: Broadband Access Center Telco Wireless Software
Vendor: CVE Published:; 7 May 2014

Summary

The Cross-Site Scripting (XSS) vulnerability in Cisco's Broadcast Access Center for Telco and Wireless enables remote attackers to inject malicious web scripts or HTML into the application's web framework. This vulnerability arises from an unspecified parameter, allowing attackers to potentially execute arbitrary scripts in the context of other users' sessions, exposing sensitive information and compromising user accounts.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030198

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 7, 2014
Vulnerability Reserved
Feb 25, 2014