source: https://www.securityfocus.com/bid/47902/info
CiscoWorks Common Services is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and launch other attacks.
This issue is being monitored by Cisco Bug ID CSCto12704.
CiscoWorks Common Services 3.3 and prior are vulnerable.
http://www.example.com/cwhp/device.center.do?device=&72a9f"><script>alert(1)</script>5f5251aaad=1
