CVE-2013-6698

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) (affected versions not specified)

Description The issue is related to a cross-frame scripting (XFS) problem, where the web interface does not properly restrict the use of IFRAME elements. This makes it easier for remote attackers to conduct clickjacking attacks and other unspecified attacks via a crafted web site. An attacker could exploit this by directing a user to an attacker-controlled web page containing a malicious HTML iframe, potentially allowing clickjacking or other client-side browser attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.