CVE-2014-0652

Cisco Context Directory Agent - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358.

References (7)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0652

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=32365

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/64703

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029572

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/90167

[Third Party Advisory, VDB Entry] http://osvdb.org/101803

[Third Party Advisory] http://secunia.com/advisories/56365

Scores

EPSS 0.0054

EPSS Percentile 67.5%

Details

CWE

CWE-79

Status published

Products (2)

cisco/context_directory_agent

n/a/n/a

Published Jan 08, 2014

Tracked Since Feb 18, 2026