2 matches found
CVE-2014-0680
Cross-site scripting XSS vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine ISE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038...
CVE-2014-0680
Cisco Identity Services Engine (ISE) NAC Web Agent’s HTTP control interface is affected by a Cross-Site Scripting (XSS) vulnerability. The issue arises from insufficient input validation, allowing remote attackers to inject arbitrary scripts via a crafted URL. Exploitation could cause a user to e...