What is CVE-2011-0959?

CVE-2011-0959 is a vulnerability in Cisco Unified_operations_manager, classified under Cross-site Scripting. Published 2011-05-20.

Is CVE-2011-0959 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Cisco Unified_operations_manager

CVE-2011-0959

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInsta…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.377 (97.3th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_operations_manager — versions 1.1, 2.0, 2.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (URL Repurposed, Exploit, x_refsource_MISC)
20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006 (mailing-list, Exploit, x_refsource_FULLDISC)
17304 (Exploit, exploit, x_refsource_EXPLOIT-DB)
cisco-uom-multiple-xss(67521) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2011-0959?: CVE-2011-0959 is a vulnerability in Cisco Unified_operations_manager, classified under Cross-site Scripting. Published 2011-05-20.
Is CVE-2011-0959 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.