vendor:
CiscoWorks Common Services
by:
Unknown
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: CiscoWorks Common Services
Affected Version From: CiscoWorks Common Services 3.3 and prior
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:cisco:ciscoworks_common_services
Platforms Tested:
Unknown
CiscoWorks Common Services Cross-Site Scripting Vulnerability
The CiscoWorks Common Services application fails to sufficiently sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to perform cross-site scripting attacks, potentially stealing authentication credentials and launching other attacks.
Mitigation:
Apply the necessary patches or updates provided by Cisco.