3 matches found
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability (cisco-sa-20191016-ise-store-xss)
A cross-site scripting XSS vulnerability exists in the web-based management interface of Cisco Identity Services Engine ISE due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, persuading a user of the interface to cli...
CVE-2019-12638
CVE-2019-12638 affects Cisco Identity Services Engine (ISE) stores XSS in the web-based management interface due to insufficient input validation. The issue allows an authenticated, remote attacker to coerce a user into clicking a crafted link, resulting in execution of arbitrary script code in t...
CVE-2019-12638 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web-based management interface. The vulnerability is due to insufficient validation of...