2 matches found
CVE-2011-3317
Cisco ACS 5.2 Solution Engine has multiple XSS vulnerabilities (CVE-2011-3317) that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (Bug ID CSCtr78192). Affected product: Cisco Secure Access Control Server (ACS) 5.2. Documented impact: cross-site scripting wi...
CVE-2011-3293
Cisco ACS 5.2 Solution Engine contains multiple CSRF vulnerabilities that allow an attacker to hijack administrator sessions by submitting requests that insert XSS sequences (Bug ID CSCtr78143). Reported across several sources (NVD, CVE records, PT Security/PT-2011-26) and historically discussed ...