Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and previous versions 7.2 versions including 7.2(2)22, and 8.0(4)28 and previous versions 8.0 versions, when clientless mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the Host HTTP header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco adaptive security appliance 5520 |
||
cisco ios 7.2\\(2\\)22 |