CVE-2015-4198
Cisco Web Security Appliance (WSA) WEB FRAMEWORK HTTP HEADER INJECTION: An unauthenticated remote attacker could craft an HTTP header to inject arbitrary HTML/script into the browser via the WSA web interface. Root cause: insufficient validation of header value used in responses. Affected product...