CVE-2006-1960

medium Cisco
CVSS v3 Base Score
5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS Score
7.9%
Exploitation probability in 30 days
Top 8% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
None
Published: April 21, 2006 (7328 days ago)
Last Modified: April 16, 2026
Vendor: Cisco
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.

CWE

NVD-CWE-Other

Affected Products

cisco wireless lan solution engine

References

🔗 secunia.com 🔗 securitytracker.com 🔗 www.assurance.com.au 🔗 www.cisco.com 🔗 www.osvdb.org