Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack | allinfosecnews.com

Aug. 31, 2023, 12:22 p.m. | Guru Baran

GBHackers On Security gbhackers.com

Cisco released a fix for the medium impact vulnerability found on CommPilot Application Software, allowing cross-site scripting against the user interface. The Cisco BroadWorks CommPilot Application allows authenticated users to upload configuration files on the platform. The lack of file validation and broken access control on the vulnerable upload servlet allows any authenticated user to […]

The post Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack appeared first on GBHackers - Latest Cyber Security News | Hacker News …

access access control application attack attackers broken access control cisco configuration configuration files control cross-site file files fix flaw found impact interface medium platform scripting software upload user interface validation vulnerability vulnerable xss

More from gbhackers.com / GBHackers On Security

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 17 hours ago | gbhackers.com

applications attacks botnets commercial +16

LilacSquid Hackers Attacking IT Industries To Harvest Confidential Data 1 day, 17 hours ago | gbhackers.com

access advanced persistent threat can cisco +29

FlyingYeti Exploits WinRAR Vulnerability For Targeted Malware Attacks 1 day, 18 hours ago | gbhackers.com

actor attacks cve cybersecurity threats +23

Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware 1 day, 18 hours ago | gbhackers.com

attackers changing commands cracked +23

DDoS-as-a-Service Botnet Backed by Mirai Attacking Gaming Community 1 day, 18 hours ago | gbhackers.com

as-a-service attacks botnet botnets +19

Hackers Exploiting Stored XSS Vulnerabilities in WordPress Plugins 1 day, 19 hours ago | gbhackers.com

attackers cross-site cve cve-2023-40000 +25

VirusTotal Celebrates 20th Anniversary, What’s Next? 1 day, 22 hours ago | gbhackers.com

20th anniversary anniversary cyber security cybersecurity +16

Beware of Fake Browser Updates That Deliver Bitrat & Lumma Stealer 1 day, 23 hours ago | gbhackers.com

attackers breaches browser campaign +24

Progress Telerik Report Server Flaw Let Attackers Bypass Authentication 2 days, 18 hours ago | gbhackers.com

attackers authentication authentication bypass bypass +13

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com