Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/viewAlert.x?alertId=26036 | Vendor Advisory |
http://tools.cisco.com/security/center/viewAlert.x?alertId=26036 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=26036 - Vendor Advisory |
Information
Published : 2013-12-10 19:55
Updated : 2024-11-21 01:40
NVD link : CVE-2012-3047
Mitre link : CVE-2012-3047
CVE.ORG link : CVE-2012-3047
JSON object : View
Products Affected
cisco
- scientific_atlanta_dpq2425
- scientific_atlanta_dpc\/epc2202
- scientific_atlanta_dpx\/epx2203c
- scientific_atlanta_dpc2420
- scientific_atlanta_dpq3925
- scientific_atlanta_dpc3925
- scientific_atlanta_dpc\/epc2434
- scientific_atlanta_epc3825
- scientific_atlanta_dpq3212
- scientific_atlanta_dpw941
- scientific_atlanta_epc3925
- scientific_atlanta_epc2420
- scientific_atlanta_dpx\/epx2203
- scientific_atlanta_dpc3008\/epc3008
- scientific_atlanta_dpc\/epc_3208
- scientific_atlanta_dpc\/epc3010
- scientific_atlanta_dpc3000\/epc3000
- scientific_atlanta_dpw730
- scientific_atlanta_dpc\/epc2505
- scientific_atlanta_dpx130
- scientific_atlanta_dpx\/epx2100
- scientific_atlanta_dpq2202
- scientific_atlanta_dpw700
- scientific_atlanta_wag310g
- scientific_atlanta_dpc\/epc3212
- scientific_atlanta_dpq\/epq2160
- scientific_atlanta_dpw939
- scientific_atlanta_dpc\/epc2325
- scientific_atlanta_dpc\/epc2100
- scientific_atlanta_dpr362
- scientific_atlanta_dpx2213
- scientific_atlanta_dpc\/epc2425
- scientific_atlanta_dpc\/epc2203
- scientific_atlanta_dpx100\/120
- scientific_atlanta_dpx213
- scientific_atlanta_dpc3825
- scientific_atlanta_dpx110
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')