Preview Tool

Cisco Bug: CSCun95178 - DOM CSS report on help page

Last Modified

Nov 20, 2018

Products (1)

  • Cisco 5500 Series Wireless Controllers

Known Affected Releases

7.4(121.0) 7.6(100.0) 8.0(72.140)

Description (partial)

Cisco Wireless LAN Controller (WLC) devices contain a document object model (DOM) based cross-site scripting vulnerability within the HTML help system.  An unauthenticated, 
remote attacker that can convince a user of an affected system to follow a malicious link or visit an attacker controlled web-page may gain the ability to execute arbitrary HTML or 
script code within the security context of the affected site.

Cisco WLC devices running versions of WLC software prior to 8.0.

Related Community Discussions

Cross site scripting known release?
Hi everyone. Does anyone know whether Cisco has already released a version that has a solution for CSS vulnerability? I have checked the link &quot;<key>CSCun95178</key>&quot;, but I still don't see any Known Fixed Releases. Is version affected? I would appreciate any answer, since our customer is asking for a solution to this vulnerability. Thanks.
Latest activity: May 06, 2015
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.