Lucene search
Brad AntoniewiczEDB-ID:31786HistoryMay 13, 2008 - 12:00 a.m.
Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability
2008-05-1300:00:00
Brad Antoniewicz
www.exploit-db.com
16
0.003 Low
EPSS
Percentile
68.9%
Cisco BBSM Captive Portal 5.3 βAccesCodeStart.aspβ Cross-Site Scripting Vulnerability. CVE-2008-2165. Webapps exploit for asp platform
source: http://www.securityfocus.com/bid/29191/info
Cisco BBSM (Building Broadband Service Manager) is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Cisco BBSM 5.3 is vulnerable; other versions may also be affected.
http://www.example.com/ekgnkm/AccessCodeStart.asp?msg=%3Cscript%3Ealert(%22XSS%22);%3C/script%3E Related
seebug
seebug
Cisco BBSM AccesCodeStart.aspζδ»Άθ·¨η«θζ¬ζΌζ΄
2008-05-17 00:00:00
prion
prion
Cross site scripting
2008-05-16 12:54:00
nvd
nvd
CVE-2008-2165
2008-05-16 12:54:00
cisco
cisco
Cisco Building Broadband Service Manager Cross-Site Scripting Vulnerability
2008-05-14 17:52:02
cve
cve
CVE-2008-2165
2008-05-16 12:54:00
packetstorm
packetstorm
ciscobbsm-xss.txt
2008-05-13 00:00:00
securityvulns
securityvulns
Cisco Building Broadband Service Manager Captive Portal crossite scripting
2008-05-14 00:00:00
Cisco BBSM Captive Portal Cross-site Scripting
2008-05-14 00:00:00
cvelist
cvelist
CVE-2008-2165
2008-05-16 06:54:00