Lucene search
HistoryMay 15, 2015 - 1:59 a.m.
CVE-2015-0734
cisco
esa
8.5.6-106
xss
vulnerabilities
remote attackers
web script
html
nvd
cve-2015-0734
cscut87743
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.3%
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
Affected configurations
Node
ciscoemail_security_appliance_firmwareMatch8.5.6-106
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:email_security_appliance_firmware | cisco email security appliance firmware | eq | 8.5.6-106 |
Related
cisco
cisco
Cisco Email Security Appliance Cross-Site Scripting Vulnerability
2015-05-14 16:49:04
cvelist
cvelist
CVE-2015-0734
2015-05-15 01:00:00
prion
prion
Cross site scripting
2015-05-15 01:59:00
nvd
nvd
CVE-2015-0734
2015-05-15 01:59:06
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.3%
Related for CVE-2015-0734