EUVD-2014-7870

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

CVE-2016-6436

Affected: Cisco Host Scan Engine (Host Scan package) in ASA Web VPN. Versions 3.0.08062 through 3.1.14018 are vulnerable to cross-site scripting (XSS) via a crafted URL in the HostScan Engine. Root cause: insufficient input validation allowing injection of arbitrary script/HTML when processing us...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco AnyConnect Secure Mobility Client 3.1.02043 and earlier and Cisco HostScan Engine 3.1.05183 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149...

CVE-2014-8021

Cross-site scripting XSS vulnerability in Cisco AnyConnect Secure Mobility Client 3.1.02043 and earlier and Cisco HostScan Engine 3.1.05183 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149...

CVE-2014-8021

CVE-2014-8021 is an XSS vulnerability in Cisco AnyConnect Secure Mobility Client <= 3.1.x and Cisco HostScan Engine