CVE-2013-1247: XSS
First published: Fri May 31 2013(Updated: )
Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Infrastructure |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1247?
CVE-2013-1247 is classified as a medium severity vulnerability due to the potential for remote attackers to exploit it.
How do I fix CVE-2013-1247?
To mitigate CVE-2013-1247, upgrade to a version of Cisco Prime Infrastructure that addresses this cross-site scripting vulnerability.
Who is affected by CVE-2013-1247?
Organizations using Cisco Prime Infrastructure are potentially affected by CVE-2013-1247 if they utilize the wireless configuration module.
What are the implications of CVE-2013-1247?
Exploitation of CVE-2013-1247 could allow an attacker to execute arbitrary scripts in the context of the victim's browser.
Is there a workaround for CVE-2013-1247?
There are no official workarounds for CVE-2013-1247; the recommended approach is to apply vendor-released updates.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/cisco
- canonical/cisco prime infrastructure