Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Wireless LAN Controller 跨站脚本漏洞
Vulnerability Description
Cisco Wireless LAN Controller(WLC)是美国思科(Cisco)公司的一款无线局域网控制器产品。该产品在无线局域网中提供安全策略、入侵检测等功能。 Cisco Wireless LAN Controller中存在跨站脚本漏洞,该漏洞源于处理Web管理界面没有正确验证web_auth_custom.html脚本的用户输入。通过发送特制的HTTP POST请求到受影响目标系统,经过身份验证的远程攻击者可利用该漏洞执行跨站脚本攻击。Cisco Wireless LAN Control
CVSS Information
N/A
Vulnerability Type
N/A