CVE-2016-1474

Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuw65846, a different vulnerability than CVE-2015-6434.

Severity	MEDIUM
CVSS	4.3
EPSS	0.24% EPSS low
CWE	CWE-284
KEV
Published	9 years ago
Modified	2 weeks ago

Public Affected Products

Product	Advisory	Evidence
Cisco Prime Infrastructure	cisco-sa-20160803-cpi	Cisco CSAF · structured affected