Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: cisco
Published:
Updated: 2024-09-16T18:03:47.236Z
Reserved: 2012-11-21T00:00:00Z
Link: CVE-2012-5992

No data.

Status : Deferred
Published: 2012-12-19T11:56:00.250
Modified: 2025-04-11T00:51:21.963
Link: CVE-2012-5992

No data.

No data.