Unrated severityNVD Advisory· Published Dec 19, 2012· Updated Apr 29, 2026

CVE-2012-6007

Description

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.

Affected products

Cisco Systems, Inc./2000 Wireless Lan Controller
cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*
Cisco Systems, Inc./2100 Wireless Lan Controller
cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*
Cisco Systems, Inc./2500 Wireless Lan Controller
cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*
Cisco Systems, Inc./4100 Wireless Lan Controller
cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*
Cisco Systems, Inc./4400 Wireless Lan Controller
cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*
Cisco Systems, Inc./5500 Wireless Lan Controller
cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*
Cisco Systems, Inc./7500 Wireless Lan Controller
cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*
Cisco Systems, Inc./8500 Wireless Lan Controller
cpe:2.3:h:cisco:8500_wireless_lan_controller:-:*:*:*:*:*:*:*
Cisco Systems, Inc./Wireless Lan Controller Software
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.htmlnvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000