Cisco SocialMiner CVE-2019-1668 Chat Feed Multiple Cross Site Scripting Vulnerabilities

Bugtraq ID:	106720
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 25 2019 12:00AM
Updated:	Jan 25 2019 12:00AM
Credit:	Julian Salas
Vulnerable:
Not Vulnerable:

Cisco SocialMiner CVE-2019-1668 Chat Feed Multiple Cross Site Scripting Vulnerabilities

Cisco SocialMiner is prone to multiple cross-site scripting vulnerabilities.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

These issues are being tracked by Cisco Bug ID CSCvi52835, CSCvn50066 and CSCvn59276.
.

Cisco SocialMiner CVE-2019-1668 Chat Feed Multiple Cross Site Scripting Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco SocialMiner CVE-2019-1668 Chat Feed Multiple Cross Site Scripting Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco SocialMiner CVE-2019-1668 Chat Feed Multiple Cross Site Scripting Vulnerabilities

References:

• Cisco Homepage (Cisco )
  
• Cisco SocialMiner Product Page (Cisco)
  
• Cisco SocialMiner Chat Feed Cross-Site Scripting Vulnerabilities (Cisco)