CVE-2020-3154
Cisco Cloud Web Security (CWS) web UI contains a SQL injection vulnerability. The web-based management interface improperly validates SQL values, allowing an authenticated, remote attacker to send malicious requests to an affected device and modify or return values from the underlying database. A...