Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/viewAlert.x?alertId=39171 | Vendor Advisory |
http://www.securitytracker.com/id/1032482 | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2015-06-04 03:59
Updated : 2017-01-04 08:14
NVD link : CVE-2015-0766
Mitre link : CVE-2015-0766
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cisco
- firesight_system_software