2 matches found
CVE-2015-6349
Cross-site scripting XSS vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-6349
CVE-2015-6349 affects Cisco Secure Access Control Server (ACS) 5.7(0.15) Solution Engine, where the web interface is vulnerable to reflecte d cross-site scripting due to lack of input validation on user-supplied input. An unauthenticated, remote attacker could exploit a crafted URL to inject arbi...