Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device prior to 7.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
forescout counteract 6.3.4.10 |