CVE-2013-3423
CVE-2013-3423 describes a cross-site scripting (XSS) vulnerability in the web interface of Cisco Secure Access Control System (ACS). The issue allows remote attackers to inject arbitrary web script or HTML via an unspecified field due to insufficient input validation. Documentation confirms the a...