A cross site scripting vulnerability has been found in Cisco Security Monitoring, Analysis and Response System. The issue is due to the input passed via several fields (eg: isnowLatency) to the /Query/NewQueryResult.jsp page are not properly sanitised before being returned to the user. Other pages could be affected by this issue.
a744cb9f4e5080fb1ab9d2c85ce572685f55379db22e423d3575ad8d31beec81