7 matches found
SUSE CVE-2014-8021
Cross-site scripting XSS vulnerability in Cisco AnyConnect Secure Mobility Client 3.1.02043 and earlier and Cisco HostScan Engine 3.1.05183 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149...
CVE-2016-6436
Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...
CVE-2016-6436
Affected: Cisco Host Scan Engine (Host Scan package) in ASA Web VPN. Versions 3.0.08062 through 3.1.14018 are vulnerable to cross-site scripting (XSS) via a crafted URL in the HostScan Engine. Root cause: insufficient input validation allowing injection of arbitrary script/HTML when processing us...
CVE-2016-6436
Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...
Multiple Cisco Products Cross-Site Scripting Vulnerabilities
Cisco AnyConnect Secure Mobility Client is a mobile client VPN tool.Cisco HostScan Engine is a host scanning engine. Cisco AnyConnect Secure Mobility Client and Cisco Host Scan fail to properly validate URLs used to construct applet paths in the DOM, allowing attackers to conduct cross-site...
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco AnyConnect Secure Mobility Client 3.1.02043 and earlier and Cisco HostScan Engine 3.1.05183 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149...
CVE-2014-8021
CVE-2014-8021 is an XSS vulnerability in Cisco AnyConnect Secure Mobility Client <= 3.1.x and Cisco HostScan Engine