CVE-2015-4268

Cisco Identity Services Engine (ISE) Infra Admin UI is affected by CVE-2015-4268, with XSS vulnerabilities in ISE versions 1.2(1.198) and 1.3(0.876). The root cause is insufficient input validation of certain HTTP GET/POST parameters, enabling remote attackers to inject arbitrary web script or HT...