Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686.
http://www.securitytracker.com/id/1029667
http://www.securityfocus.com/bid/65053
https://exchange.xforce.ibmcloud.com/vulnerabilities/90615
http://tools.cisco.com/security/center/viewAlert.x?alertId=32514
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0670
http://secunia.com/advisories/56563
http://osvdb.org/102319
Source: Mitre, NVD
Published: 2014-01-22
Updated: 2026-06-17
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.00543