CVE-2014-2118

Cisco Prime Security Manager <9.2 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.

References (4)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2118

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=33542

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/66488

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029968

Scores

EPSS 0.0028

EPSS Percentile 50.9%

Details

CWE

CWE-79

Status published

Products (11)

cisco/prime_security_manager < 9.2.1-2

cisco/prime_security_manager

... and 1 more

Published Mar 27, 2014

Tracked Since Feb 18, 2026