CVE-2015-0774 β€” Cross-site Scripting in Cisco Application AND Content Networking System Software

CWE-79 β€” Cross-site Scripting6 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 50.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Application AND Content Networking System Software
Timeline
PublishedJun 12
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5.5(9) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu70650.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-3cvr-7qv6-j2f2: Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5β†—2022-05-17
β–Ά
CVEList
CVE-2015-0774: Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5β†—2015-06-12
β–Ά

πŸ“‹Vendor Advisories

2
Red Hat
kernel: pipe buffer state corruption after unsuccessful atomic read from pipe↗2016-02-02
β–Ά
Cisco
Cisco Application and Content Networking System URL Page Return Cross-Site Scripting Vulnerability↗2015-06-09
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2016-0774 kernel: pipe buffer state corruption after unsuccessful atomic read from pipe↗2016-02-02
β–Ά
CVE-2015-0774 β€” Cross-site Scripting in Cisco | cvebase