Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2016-06-18 18:59
Updated : 2016-11-29 19:04
NVD link : CVE-2016-1396
Mitre link : CVE-2016-1396
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cisco
- rv215w_wireless-n_vpn_router_firmware
- rv130w_wireless-n_multifunction_vpn_router
- rv215w_wireless-n_vpn_router
- rv110w_wireless-n_vpn_firewall
- rv130w_wireless-n_multifunction_vpn_router_firmware
- rv110w_wireless-n_vpn_firewall_firmware