Cisco » Security Monitoring Analysis And Response System : Security Vulnerabilities, CVEs, Published In 2013
Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System (CS-MARS) allows remote attackers to inject arbitrary web script or HTML via the isnowLatency parameter, aka Bug ID CSCul16173.
Max CVSS
4.3
EPSS Score
0.21%
Published
2013-11-06
Updated
2013-11-07
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
Max CVSS
4.3
EPSS Score
0.17%
Published
2013-03-06
Updated
2013-03-06
2 vulnerabilities found