Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The vulnerability occurs because user-supplied data in the DOM input is not validated. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious DOM statements to the affected system. A successful exploit could allow the attacker to affect the integrity of the system by manipulating the database. Known Affected Releases 11.0(1)ES10. Cisco Bug IDs: CSCvf18325.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cisco Unified Intelligence Center 跨站脚本漏洞
Vulnerability Description
Cisco Unified Intelligence Center是美国思科(Cisco)公司的一套基于Web的报表平台。该平台提供报告相关的业务数据和呼叫中心数据的全面展示等功能。 Cisco Unified Intelligence Center中的Web界面中存在跨站脚本漏洞,该漏洞源于程序没有验证用户提交到DOM输入中的数据。远程攻击者可通过向受影响的系统发送特制的URL利用该漏洞影响系统的完整性。
CVSS Information
N/A
Vulnerability Type
N/A