SynopsisThe remote device is missing a vendor-supplied security patch
DescriptionAccording to its self-reported version, Cisco Small Business RV Series Router Firmware is affected by a cross-site scripting (XSS) vulnerability in its web-based management console due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
SolutionUpgrade to the relevant fixed version referenced in Cisco bug ID CSCvu06343