Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Prime Service Catalog Cross-Site Scripting Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by adding specific strings to multiple configuration fields. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Prime Service Catalog 跨站脚本漏洞
Vulnerability Description
Cisco Prime Service Catalog(PSC)是美国思科(Cisco)公司的一套通过单一的门户网站提供所有IT服务的服务目录解决方案。该方案支持自动化订购计算、网络、存储和其他数据中心资源的统一服务目录。 Cisco PSC中基于Web的管理界面存在跨站脚本漏洞。远程攻击者可通过向多个配置字段中添加字符串利用该漏洞执行任意的脚本代码或访问基于浏览器的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A