PT-2013-4353 · Cisco · Cisco Content Security Management+1

Published

2013-06-26

Updated

2015-10-16

CVE-2013-3396

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Cisco Content Security Management on Security Management Appliance (SMA) devices (affected versions not specified)

Description A cross-site scripting (XSS) issue exists in the web framework of Cisco Content Security Management on Security Management Appliance (SMA) devices. This allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2013-3396

Affected Products

Cisco Content Security Management

Security Management Appliance

PT-2013-4353 · Cisco · Cisco Content Security Management+1

CVE-2013-3396

Weakness Enumeration

Related Identifiers

Affected Products

References · 3