CVE-2015-0728
Cisco ACS 5.5(0.1) is affected by a cross-site scripting (XSS) vulnerability triggered by a crafted URL. The root cause is improper input validation of certain parameters passed to the device, allowing an unauthenticated remote attacker to inject and execute arbitrary script in the victim’s brows...