CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1467

LOW
3.5
CVSS Severity Score
EPSS Score0.1310%
EPSS Percentile4.64th
PublishedMar 16, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.

Affected Platforms (CPE)

πŸ“¦
Cisco

Acs Solution Engine

= 4.1
πŸ“¦
Cisco

Acs Solution Engine

= 4.1
πŸ“¦
Cisco

Ciscoworks

All versions
πŸ“¦
Cisco

Ip Communicator

All versions
πŸ“¦
Cisco

Meetingplace

All versions
πŸ“¦
Cisco

Security Device Manager

All versions
πŸ“¦
Cisco

Unified Meetingplace

All versions
πŸ“¦
Cisco

Unified Meetingplace Express

All versions
πŸ“¦
Cisco

Unified Personal Communicator

All versions
πŸ“¦
Cisco

Unified Video Advantage

All versions
πŸ“¦
Cisco

Unified Videoconferencing

All versions
πŸ“¦
Cisco

Unified Videoconferencing Manager

All versions
πŸ“¦
Cisco

Vpn Client

= 3.5.1
πŸ“¦
Cisco

Vpn Client

= 3.5.1
πŸ“¦
Cisco

Vpn Client

= 3.5.2
πŸ“¦
Cisco

Vpn Client

= 3.5.2
πŸ“¦
Cisco

Vpn Client

= 3.5.2
πŸ“¦
Cisco

Vpn Client

= 3.5.2b
πŸ“¦
Cisco

Vpn Client

= 3.5.2b
πŸ“¦
Cisco

Vpn Client

= 3.5.2b
πŸ“¦
Cisco

Vpn Client

= 3.5.4
πŸ“¦
Cisco

Vpn Client

= 3.5.4
πŸ“¦
Cisco

Vpn Client

= 3.5.4
πŸ“¦
Cisco

Vpn Client

= 3.6
πŸ“¦
Cisco

Vpn Client

= 3.6
πŸ“¦
Cisco

Vpn Client

= 3.6
πŸ“¦
Cisco

Vpn Client

= 3.6.1
πŸ“¦
Cisco

Vpn Client

= 3.6.1
πŸ“¦
Cisco

Vpn Client

= 3.6.1
πŸ“¦
Cisco

Vpn Client

= 4.0.2a
πŸ“¦
Cisco

Vpn Client

= 4.0.2a
πŸ“¦
Cisco

Vpn Client

= 4.0.2c
πŸ“¦
Cisco

Vpn Client

= 4.0.2c
πŸ“¦
Cisco

Vpn Client

= 4.8.1
πŸ“¦
Cisco

Wan Manager

All versions
πŸ“¦
Cisco

Wireless Lan Controllers

All versions
πŸ“¦
Cisco

Wireless Lan Solution Engine

All versions
πŸ”Œ
Cisco

Call Manager

All versions
πŸ”Œ
Cisco

Network Analysis Module

All versions
πŸ”Œ
Cisco

Wireless Control System

= 4.0

References & Advisories

πŸ”— http://secunia.com/advisories/24499
πŸ”— http://securityreason.com/securityalert/2437
πŸ”— http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html
πŸ”— http://www.securityfocus.com/archive/1/462932/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/462944/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/22982
πŸ”— http://www.securitytracker.com/id?1017778
πŸ”— http://www.vupen.com/english/advisories/2007/0973

Related Vulnerabilities

CVE-2008-053210.0

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Contr...

CVE-2006-409810.0

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Sol...

CVE-2004-109910.0

Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution ...

CVE-2006-40977.8

Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 an...