CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2009-1287 – Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection
https://notcve.org/view.php?id=CVE-2009-1287
13 Apr 2009 — Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Cisco Subscriber Edge Services Manager (SESM) permite a usuarios remotos inyectar código web script o HTML de su elección a través de la URI (Uniform Resource Identifier). NOTA: algunos de estos detalles se... • https://www.exploit-db.com/exploits/32897 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
31 Dec 2005 — Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 •