CVE-2006-3289

Name of the Vulnerable Software and Affected Versions Cisco Wireless Control System (WCS) versions prior to 3.2(51)

Description A cross-site scripting (XSS) issue exists in the login page of the HTTP interface, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a malicious URL.

Recommendations For versions prior to 3.2(51), update to version 3.2(51) or later to resolve the issue. As a temporary workaround, consider restricting access to the login page of the HTTP interface until a patch is applied. Avoid using malicious URLs that could exploit this issue.