exploitDog

GHSA-cj29-8hcg-f8p3

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682.

Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682.

Ссылки

EPSS

Процентиль: 48%

0.0025

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2016-6436

CVSS3: 6.1

nvd

больше 9 лет назад

Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682.

EPSS

Процентиль: 48%

0.0025

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79