CVE-2015-6353

CWE-79Cross-site Scripting (XSS)4 documents4 sources
Severity
3.5LOW
EPSS
0.2%
top 59.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Firesight System Software
Timeline
PublishedOct 31
Latest updateMay 17

Description

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-76xr-9c9c-5rjm: Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 52022-05-17
CVEList
CVE-2015-6353: Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 52015-10-31

📋Vendor Advisories

1
Cisco
Cisco FireSIGHT Management Center Cross-Site Scripting Vulnerability2015-10-29
CVE-2015-6353 (LOW CVSS 3.5) | Multiple cross-site scripting (XSS) | cvebase.io