← Back

CVE-2010-2986

nvd nist
Published: Aug 10, 2010Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288.

Affected (38)

1 product
Wireless Control System Software
Configuration A
38 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Up to 6.0.188.0
Version 3.2.78.0
Version 4.0.155.5
Version 4.1.171.0
Version 4.1.191.xm
Version 4.1.192.35m
Version 4.1.192.xm
Version 4.1.83.0
Version 4.1.91.0
Version 4.1
Version 4.2.110.0
Version 4.2.128.0
Version 4.2.130.0
Version 4.2.173.0
Version 4.2.176.0
Version 4.2.209.0
Version 4.2.62.0
Version 4.2.62.11
Version 4.2.81.0
Version 4.2.97.0
Version 5.0.148.0
Version 5.0.56.0
Version 5.0.56.2
Version 5.1.151.0
Version 5.1.64.0
Version 5.1.65.4
Version 5.2.110.0
Version 5.2.125.0
Version 5.2.130.0
Version 5.2.148.0
Version 5.2.157.0
Version 6.0.132.0
Version 6.0.170.0
Version 6.0.181.0
Version 6.0.182.0
Version 6.0
Version 7.0.98.0
Version 7.0

References (10)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

Timeline

No history available yet.