Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS prior to 6.5.2 on Series C, M, and X appliances allows remote malicious users to inject arbitrary web script or HTML via the referrer parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ironport_asyncos 6.0.0-754 |
||
cisco ironport_asyncos 6.3.5-003 |
||
cisco ironport_asyncos 6.3.6-003 |
||
cisco ironport_asyncos 6.0.0-757 |
||
cisco ironport_asyncos 6.1.0-301 |
||
cisco ironport_asyncos 6.6.4.0-273 |
||
cisco ironport_asyncos 6.5.0-405 |
||
cisco ironport_asyncos 6.1.0-307 |
||
cisco ironport_asyncos 6.1.5-110 |
||
cisco ironport_asyncos 6.1.6-003 |
||
cisco ironport_asyncos 6.1.0-304 |
||
cisco ironport_asyncos 6.1.0-306 |
||
cisco ironport_asyncos 6.5.1-005 |
||
cisco ironport_email_security_appliances |