CVE-2010-0641
published 2010-02-17CVE-2010-0641: Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject…
PriorityP421medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
3.24%
86.7th percentile
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | collaboration_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Cisco Collaboration Server 5.0 LoginPage.jhtml dest cross site scripting (EDB-11403 / XFDB-56220)
vuldb·2026-04-30·CVSS 4.3
CVE-2010-0641 [MEDIUM] Cisco Collaboration Server 5.0 LoginPage.jhtml dest cross site scripting (EDB-11403 / XFDB-56220)
A vulnerability labeled as problematic has been found in Cisco Collaboration Server 5.0. Affected by this issue is some unknown functionality of the file webline/html/admin/wcs/LoginPage.jhtml. Such manipulation of the argument dest leads to cross site scripting.
This vulnerability is documented as CVE-2010-0641. The attack can be executed remotely. Additionally, an exploit exists.
GHSA
GHSA-jhrj-hv6x-7x2p: Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage
ghsa_unreviewed·2022-05-02
CVE-2010-0641 [MEDIUM] CWE-79 GHSA-jhrj-hv6x-7x2p: Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
Suricata
ET WEB_SPECIFIC_APPS Cisco Collaboration Server LoginPage.jhtml Cross Site Scripting Attempt
suricata·2010-07-30
CVE-2010-0641 ET WEB_SPECIFIC_APPS Cisco Collaboration Server LoginPage.jhtml Cross Site Scripting Attempt
ET WEB_SPECIFIC_APPS Cisco Collaboration Server LoginPage.jhtml Cross Site Scripting Attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Cisco Collaboration Server LoginPage.jhtml Cross Site Scripting Attempt"; flow:established,to_server; http.uri; content:"/webline/html/admin/wcs/LoginPage.jhtml"; nocase; content:"dest="; nocase; pcre:"/dest\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/i"; reference:url,www.exploit-db.com/exploits/11403/; reference:cve,2010-0641; classtype:web-application-attack; sid:2011676; rev:6; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, cve CVE_2010_0641, deployment Datacenter
No writeups or analysis indexed.
2010-02-17
Published