Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-wrg - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1034346 - | |
References | () https://www.exploit-db.com/exploits/39904/ - |
Information
Published : 2015-12-14 03:59
Updated : 2024-11-21 02:34
NVD link : CVE-2015-6402
Mitre link : CVE-2015-6402
CVE.ORG link : CVE-2015-6402
JSON object : View
Products Affected
cisco
- epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')