CVE-2007-5582

https://notcve.org/view.php?id=CVE-2007-5582

Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de inicio de sesión de Cisco CiscoWorks Server (CS), posiblemente 2.6 y anteriores, al utilizar CiscoWorks Common Services 3.0.x y 3.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante vectores no especificados. • http://secunia.com/advisories/27902 http://securityreason.com/securityalert/3449 http://securitytracker.com/id?1019043 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289 http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks http://www.securityfocus.com/archive/1/484609/100/0/threaded http://www.securityfocus.com/bid/26708 http://www.vupen • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •