CVE-2015-6356: XSS
First published: Wed Nov 04 2015(Updated: )
Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SocialMiner | =10.0\(1\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-6356?
CVE-2015-6356 has been classified with a medium severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2015-6356?
To fix CVE-2015-6356, upgrade to Cisco Social Miner version 10.0(2) or later where the vulnerability is addressed.
What type of vulnerability is CVE-2015-6356?
CVE-2015-6356 is a cross-site scripting (XSS) vulnerability that allows for the injection of arbitrary web scripts or HTML.
Who is affected by CVE-2015-6356?
CVE-2015-6356 affects users of Cisco Social Miner version 10.0(1).
Can I exploit CVE-2015-6356 remotely?
Yes, CVE-2015-6356 can be exploited remotely by attackers to execute malicious scripts in the context of a user's session.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- agent/source
- vendor/cisco
- canonical/cisco socialminer
- version/cisco socialminer/10.0\(1\)