CVE-2016-6436

Affected: Cisco Host Scan Engine (Host Scan package) in ASA Web VPN. Versions 3.0.08062 through 3.1.14018 are vulnerable to cross-site scripting (XSS) via a crafted URL in the HostScan Engine. Root cause: insufficient input validation allowing injection of arbitrary script/HTML when processing us...