Vulnerability Description
Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the device parameter, aka Bug ID CSCto12704.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ciscoworks Common Services | <= 3.3 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.htmlExploit
- http://tools.cisco.com/security/center/viewAlert.x?alertId=23088Vendor Advisory
- http://www.exploit-db.com/exploits/17304Exploit
- http://www.securityfocus.com/bid/47902Exploit
- http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdfExploitURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67523
- http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.htmlExploit
- http://tools.cisco.com/security/center/viewAlert.x?alertId=23088Vendor Advisory
- http://www.exploit-db.com/exploits/17304Exploit
- http://www.securityfocus.com/bid/47902Exploit
- http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdfExploitURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67523
FAQ
What is CVE-2011-0961?
CVE-2011-0961 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML...
How severe is CVE-2011-0961?
CVE-2011-0961 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0961?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ciscoworks Common Services.