Cross-Site Scripting Vulnerabilities in Cisco Secure Access Control System
CVE-2014-8028

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 9 January 2015

Summary

The Cisco Secure Access Control System is prone to multiple cross-site scripting vulnerabilities that permit remote attackers to inject arbitrary web scripts or HTML. These vulnerabilities could allow unauthorized access to sensitive data or facilitate phishing attacks, posing significant risks to web application security. Proper validation and sanitization of user input is imperative in mitigating these security threats.

References

http://www.securityfocus.com/bid/71946

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/100553

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jan 9, 2015
Vulnerability Reserved
Oct 8, 2014