CVE-2007-5582

CVE Database · CVE-2007-5582

CVE-2007-5582

· N/AModified

CVSS v3.1

N/A

EPSS

1.57%

Published

Dec 14, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Weaknesses (CWE)

CWE-79

Affected Products (1)

cisco · ciscoworks_servervulnerable

References (20)

http://secunia.com/advisories/27902

http://securityreason.com/securityalert/3449

http://securitytracker.com/id?1019043

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289

http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml

Patch

http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/

http://www.securityfocus.com/archive/1/484609/100/0/threaded

http://www.securityfocus.com/bid/26708

http://www.vupen.com/english/advisories/2007/4102

https://exchange.xforce.ibmcloud.com/vulnerabilities/38862

http://secunia.com/advisories/27902

KEV Catalog EPSS Scores Vendors All CVEs