CVE-2016-1471

Name of the Vulnerable Software and Affected Versions Cisco Small Business 220 devices with firmware before 1.0.1.1

Description A cross-site scripting (XSS) issue exists in the web-based management interface, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.

Recommendations For versions before 1.0.1.1, update the firmware to version 1.0.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web-based management interface until the update is applied.