CVE-2009-1162
Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances is affected by an XSS vulnerability in the Spam Quarantine login page, exploitable via the referrer parameter to inject arbitrary script/HTML in a user’s browser. Root cause: improper input handling on the login page. Impact: re...