CVE

Id
48871  
CVE No.
CVE-2011-0959  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.  
Phase
Assigned (20110210)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
530593 48871 CVE-2011-0959 EXPLOIT-DB:17304  View
530594 48871 CVE-2011-0959 URL:http://www.exploit-db.com/exploits/17304  View
530595 48871 CVE-2011-0959 FULLDISC:20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006  View
530596 48871 CVE-2011-0959 URL:http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html  View
530597 48871 CVE-2011-0959 MISC:http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf  View
530598 48871 CVE-2011-0959 CONFIRM:http://tools.cisco.com/security/center/viewAlert.x?alertId=23085  View
530599 48871 CVE-2011-0959 XF:cisco-uom-multiple-xss(67521)  View

Related JVN