CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2015-6353
https://notcve.org/view.php?id=CVE-2015-6353
31 Oct 2015 — Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922. Múltiples vulnerabilidades de XSS en Cisco FireSight Management Center (MC) 5.3.1.5 y 5.4.x hasta la versión 5.4.1.3 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados, también ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151029-fsmc1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4270
https://notcve.org/view.php?id=CVE-2015-4270
14 Jul 2015 — Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuv22557, CSCuv22583, CSCuv22632, CSCuv22641, CSCuv22650, CSCuv22662, CSCuv22697, and CSCuv22702. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XXS) en Cisco FireSIGHT System Software 5.3.1.5 y 6.0.0, permite a atacantes remotos inyectar arbitrariamente secuencias de comandos web o HT... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39879 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0773
https://notcve.org/view.php?id=CVE-2015-0773
12 Jun 2015 — Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. Cisco FireSIGHT System Software 5.3.1.3 y 6.0.0 permite a usuarios remotos autenticados eliminar el panel de control de un usuarios arbitrario a través de una solicitud de eliminación VPN modificada en una sesión de gestión, también conocida como Bug ID CSCut67078. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39256 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0707
https://notcve.org/view.php?id=CVE-2015-0707
23 Apr 2015 — Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425. Vulnerabilidad de XSS en Cisco FireSIGHT System Software 5.3.1.1 y 6.0.0 en FireSIGHT Management Center permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a través de un parámetro no especificado, también conocido com... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38487 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-0706
https://notcve.org/view.php?id=CVE-2015-0706
23 Apr 2015 — Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966. Vulnerabilidad de la redirección abierta en Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, y 6.0.0 en FireSIGHT Management Center permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realiz... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38486 •