Published: 04/05/2010 Updated: 04/05/2010
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.

Vendor Advisories

Cisco Router and Security Device Manager versions 25 and prior contain a vulnerability that could allow attackers to conduct cross-site scripting attacks The vulnerability exists due to improper validation of parameters processed by the application  An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to foll ...