A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the malicious user to execute arbitrary script or HTML code in the context of the interface, which could allow the malicious user to gain access to sensitive, browser-based information.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco web security appliance |
Vulmon