Программа: 
Cisco 2000 Series Wireless LAN Controller
Cisco Secure ACS Solution Engine 4.x
Cisco Unified Videoconferencing 3500 Series Products
Cisco CallManager 3.x
Cisco CallManager 4.x
Cisco CallManager 5.x
Cisco Catalyst 6500 Series Network Analysis Module (NAM-1/NAM-2)
Cisco IP Communicator 1.x
Cisco IP Communicator 2.x
Cisco Router and Security Device Manager (SDM)
Cisco Secure ACS 4.x
Cisco Unified CallManager 4.x
Cisco Unified CallManager 5.x
Cisco Unified MeetingPlace 4.x
Cisco Unified MeetingPlace 5.x
Cisco Unified MeetingPlace 6.x
Cisco Unified MeetingPlace Express 1.x
Cisco Unified MeetingPlace Express 2.x
Cisco Unified Personal Communicator 1.x
Cisco Unified Video Advantage 2.x
Cisco VPN 5000 Client 5.x
Cisco VPN Client 2.x
Cisco WAN Manager (CWM) 10.x
Cisco WAN Manager (CWM) 11.x
Cisco WAN Manager (CWM) 12.x
Cisco WAN Manager (CWM) 15.x
CiscoWorks Campus Manager 3.x
CiscoWorks Campus Manager 4.x
CiscoWorks Common Services Software 1.x
CiscoWorks Common Services Software 2.x
CiscoWorks Common Services Software 3.x
CiscoWorks Internetwork Performance Monitor (IPM) 2.x
CiscoWorks Management Center for IPS Sensors (IPSMC) 2.x
CiscoWorks Monitoring Center for Security 1.x
CiscoWorks Monitoring Center for Security 2.x

Уязвимость позволяет удаленному пользователю выполнить XSS нападение на целевую систему.
Уязвимость существует из-за недостаточной обработки входных данных сценарием PreSearch.html или PreSearch.class в зависимости от используемой программы или устройства. Атакующий может выполнить произвольный сценарий в браузере жертвы в контексте безопасности уязвимого сайта.



Оставить мнение