Описание
Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8500_wireless_lan_controller:-:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03485
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
EPSS
Процентиль: 87%
0.03485
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79