漏洞标题
Cisco 火力管理中心软件跨站点脚本漏洞
漏洞描述信息
思科Firepower Management Center软件跨站脚本漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
漏洞描述信息
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
漏洞标题
Cisco Firepower Management Center 跨站脚本漏洞
漏洞描述信息
Cisco Firepower Management Center(FMC)是美国思科(Cisco)公司的新一代防火墙管理中心软件。 Cisco Firepower Management Center (FMC)存在安全漏洞,该漏洞源于对基于 Web 的管理界面的用户提供的输入进行了不正确的验证。攻击者可以通过诱使用户单击旨在将恶意输入传递到界面的链接来进行跨站脚本攻击并获得对基于浏览器的敏感信息的访问权限。
CVSS信息
N/A
漏洞类别
跨站脚本