CVE-2014-3265

Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900.

Severity	MEDIUM
CVSS	4.3
CWE	CWE-79
KEV
Published	12 years ago
Modified	1 week ago

Related Products

Product	Advisory
Cisco RV Series Routers	Cisco-SA-20140519-CVE-2014-3265
Cisco Nexus Dashboard	Cisco-SA-20140519-CVE-2014-3265
Cisco Security Manager	Cisco-SA-20140519-CVE-2014-3265