Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
Vulnerability Title
Cisco Catalyst SD-WAN Manager 跨站脚本漏洞
Vulnerability Description
Cisco Catalyst是美国思科(Cisco)公司的一系列交换机。 Cisco Catalyst SD-WAN Manager 存在安全漏洞,该漏洞源于基于 Web 的管理界面中存在漏洞,可能允许经过身份验证的远程攻击者注入 HTML 内容。
CVSS Information
N/A
Vulnerability Type
N/A