Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "690FA80D-A157-4D4E-980D-C9AA0009D853", "versionEndIncluding": "8.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D63D2042-C271-4671-9858-2DE4709BAD19", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BF00348-D8E9-4FC0-A6EA-7B16707441A3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine en el Common Services Device Center en Cisco Unified Operations Manager (CUOM) anterior a v8.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"tag\", tambi\u00e9n conocido como Bug ID CSCto12712."}], "id": "CVE-2011-0962", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-05-20T22:55:03.033", "references": [{"source": "psirt@cisco.com", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"}, {"source": "psirt@cisco.com", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"}, {"source": "psirt@cisco.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17304"}, {"source": "psirt@cisco.com", "tags": ["Exploit", "URL Repurposed"], "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"}, {"source": "psirt@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "URL Repurposed"], "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat