CVE-2012-6007

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*

Information

Published : 2012-12-19 03:56

Updated : 2013-01-29 21:00


NVD link : CVE-2012-6007

Mitre link : CVE-2012-6007


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

cisco

  • 8500_wireless_lan_controller
  • 7500_wireless_lan_controller
  • 4100_wireless_lan_controller
  • wireless_lan_controller_software
  • 2500_wireless_lan_controller
  • 5500_wireless_lan_controller
  • 4400_wireless_lan_controller
  • 2100_wireless_lan_controller
  • 2000_wireless_lan_controller