CVE-2017-3848

A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. More Information: CSCuw63001 CSCuw63003. Known Affected Releases: 2.2(2). Known Fixed Releases: 3.1(0.0).

Severity	MEDIUM
CVSS	6.1
EPSS	-
CWE	CWE-79
KEV
Published	9 years ago
Modified	1 week ago

Public Affected Products

Product	Advisory	Evidence
Cisco Prime Infrastructure	cisco-sa-20170301-cpi	Cisco CSAF · structured affected