CVE-2014-0670
Summary
| CVE | CVE-2014-0670 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-01-22 05:22:00 UTC |
| Updated | 2017-08-29 01:34:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Mediasense | - | All | All | All |
| Application | Cisco | Mediasense | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco MediaSense Search and Play Cross Site Scripting Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco Security Notice: Cisco MediaSense Search and Play Cross-Site Scripting Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| Security Advisory SA56563 - Cisco MediaSense Search and Play Interface Cross-Site Scripting Vulnerability - Secunia | SECUNIA | secunia.com | |
| 102319 | OSVDB | osvdb.org | |
| Cisco MediaSense Input Validation Flaw in Search and Play Interface Permits Cross-Site Scripting Attacks - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Alert Details - Security Center - Cisco Systems | CONFIRM | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.