VULHUB ™

Cisco Security Advisory - A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a 'show buffers' command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled.

Cisco Security Advisory - A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a 'show buffers' command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled.