Cisco: >> Socialminer Security Vulnerabilities
The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.
CVSS Score
5.0
EPSS Score
0.003
Published
2013-09-13
administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780.
CVSS Score
5.0
EPSS Score
0.003
Published
2013-09-13
Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco SocialMiner allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh73868.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-09-08
Page 2