Cisco Application Policy Infrastructure Controller (APIC) is an automated infrastructure deployment and governance solution from Cisco (USA). Controller’s web UI contains a stored cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary script code or access sensitive, browser-based information in the context of the Web interface by sending malicious input to the Web UI.