Cross site scripting

2015-10-3010:59:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.2%

JSON

Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CPENameOperatorVersion
secure_access_control_servereq5.7.0.15

CPE	Name	Operator	Version
	secure_access_control_server	eq	5.7.0.15

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151023-acs_xss1

www.securitytracker.com/id/1033968