CVE-2015-6346
CVE-2015-6346 is a cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) web interface, specifically in ACS 5.7(0.15). The root cause, per Cisco’s advisory, is a lack of input validation in DOM handling, enabling a DOM-based XSS when a crafted URL is processed. The ...