2 matches found
CVE-2014-8012
Cross-site scripting XSS vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance ASA Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695...
CVE-2014-8012
Cisco ASA WebVPN Portal is affected by a DOM-based XSS in the Portal Login page (CVE-2014-8012). The vulnerability arises from mishandling of certain cookie attributes, allowing an unauthenticated, remote attacker to craft a link or action that executes arbitrary script/HTML in the user’s browser...