QwikSec

Security Database

CVE

CWE

Training

CVE-2006-1960

Published: Apr 21, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.assurance.com.au/advisories/200604-cisco.txt

x_refsource_MISC

vdb-entry

x_refsource_BID

20060419 Multiple vulnerabilities in Linux based Cisco products

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

20060419 Re: Multiple vulnerabilities in Linux based Cisco products

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

20060419 Multiple Vulnerabilities in the WLSE Appliance

vendor-advisory

x_refsource_CISCO

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_OSVDB

cisco-wlse-user-xss(25883)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.