Cisco Bug: CSCuj69427 - XSS vulnerability and Input Validation with Cisco Prime License Manager
Aug 06, 2018
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptoms: A vulnerability in an administration page of Cisco Prime License Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this vulnerability by convincing the user to access a malicious link. Conditions: Default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases