Vulnerability Details CVE-2012-6007
Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.7%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2012-6007
-
cpe:2.3:h:cisco:2000_wireless_lan_controller:-
-
cpe:2.3:h:cisco:2100_wireless_lan_controller:-
-
cpe:2.3:h:cisco:2500_wireless_lan_controller:-
-
cpe:2.3:h:cisco:4100_wireless_lan_controller:-
-
cpe:2.3:h:cisco:4400_wireless_lan_controller:-
-
cpe:2.3:h:cisco:4400_wireless_lan_controller:4.1
-
cpe:2.3:h:cisco:4400_wireless_lan_controller:4.2
-
cpe:2.3:h:cisco:4400_wireless_lan_controller:5.0
-
cpe:2.3:h:cisco:4400_wireless_lan_controller:5.2
-
cpe:2.3:h:cisco:5500_wireless_lan_controller:-
-
cpe:2.3:h:cisco:7500_wireless_lan_controller:-
-
cpe:2.3:h:cisco:8500_wireless_lan_controller:-
-
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0