CVE-2016-6365
MEDIUMCisco Firepower Management Center <5.4.0 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.
Scores
CVSS v3
6.1
EPSS
0.0040
EPSS Percentile
60.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (7)
cisco/secure_firewall_management_center
cisco/secure_firewall_management_center
cisco/secure_firewall_management_center
cisco/secure_firewall_management_center
cisco/secure_firewall_management_center
cisco/secure_firewall_management_center
n/a/n/a
Timeline
Published
Aug 23, 2016
Tracked Since
Feb 18, 2026