Cross-site scripting (XSS) vulnerability in the troubleshooting page in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCug77655.
http://www.securitytracker.com/id/1029155
http://www.securityfocus.com/bid/62870
https://exchange.xforce.ibmcloud.com/vulnerabilities/87722
http://tools.cisco.com/security/center/viewAlert.x?alertId=31159
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5524
http://secunia.com/advisories/55067
http://osvdb.org/98166
Source: Mitre, NVD
Published: 2013-10-10
Updated: 2026-06-16
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.00561