Cross-Site Scripting Vulnerability in Cisco Broadcast Access Center for Telco and Wireless
CVE-2014-2191

Currently unrated

Key Information:

Vendor

Cisco
Status
Broadband Access Center Telco Wireless Software
Vendor
CVE Published:
7 May 2014

What is CVE-2014-2191?

The Cross-Site Scripting (XSS) vulnerability in Cisco's Broadcast Access Center for Telco and Wireless enables remote attackers to inject malicious web scripts or HTML into the application's web framework. This vulnerability arises from an unspecified parameter, allowing attackers to potentially execute arbitrary scripts in the context of other users' sessions, exposing sensitive information and compromising user accounts.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1030198
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.