Published: 17/01/2024 Updated: 02/02/2024

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 0

Subscribe to Broadworks Xtended Services Platform

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the malicious user to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco broadworks xtended services platform
cisco broadworks xtended services platform 23.0.2024.01
cisco broadworks application delivery platform
cisco broadworks application delivery platform 23.0.2024.01

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface This vulnerability exists because the web-based management interfa ...

CWE-79 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-6syj82Ju https://nvd.nist.gov https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-6syj82Ju

CVE-2024-20270

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect