CVE-2022-20636
Multiple cross-site scripting vulnerabilities affect the web-based management interface of Cisco Security Manager (CSM). The issues arise from insufficient input validation, allowing an unauthenticated, remote attacker to lure a user into clicking a crafted link and execute arbitrary script code ...