CVE-2009-0470
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
cisco | ios | 12.4\(23\) |
Common Weakness Enumeration