Cisco released a fix for the medium impact vulnerability found on CommPilot Application Software, allowing cross-site scripting against the user interface. The Cisco BroadWorks CommPilot Application allows authenticated users to upload configuration files on the platform. The lack of file validation and broken access control on the vulnerable upload servlet allows any authenticated user to […]

The post Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Guru Baran

Source: gbHackers
Source Link: https://gbhackers.com/cisco-broadworks-software-flaw/