NUEVA VULNERABILIDAD, Cisco Wireless Control System Cross Site Scripting Vulnerability
Posted: 6/8/10 by komz in Etiquetas: Cisco, Cisco Wireless Control System, Cross Site Scripting Vulnerability, VulnerabilidadesCisco Wireless Control System is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
Cisco Wireless Control System version 6.0.181.0 and prior are vulnerable. Other versions may also be affected.
REFERENCIA DE LA VULNERABILIDAD
Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.
fuente: securityfocus.com | cisco.com