CVE-2009-1162

Currently unrated

Key Information:

Vendor: Cisco
Status: Ironport Asyncos; Ironport Email Security Appliances
Vendor: CVE Published:; 5 June 2009

Summary

Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter.

References

http://secunia.com/advisories/34895

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/35203

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/50948

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 5, 2009
Vulnerability Reserved
Mar 26, 2009