2.6

CVE-2006-3289

EPSS 0.52%
Published 28.06.2006 23:05:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL".

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Wireless Control System Version <= 3.2\(51\)

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.52%	0.656

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/20870

http://securitytracker.com/id?1016398

http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml

Patch

http://www.securityfocus.com/bid/18701

http://www.vupen.com/english/advisories/2006/2583

http://www.osvdb.org/26880

https://exchange.xforce.ibmcloud.com/vulnerabilities/27441

https://nvd.nist.gov/vuln/detail/CVE-2006-3289

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3289

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3289

EUVD