Описание
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2832
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34465
- http://marc.info/?l=full-disclosure&m=117993122727006&w=2
- http://secunia.com/advisories/25377
- http://www.cisco.com/en/US/products/products_security_response09186a0080849272.html
- http://www.osvdb.org/35337
- http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2977
- http://www.securityfocus.com/bid/24119
- http://www.securitytracker.com/id?1018105
- http://www.vupen.com/english/advisories/2007/1922
EPSS
CVE ID
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.
EPSS