Cisco ASA Appliance WebVPN Cross Site Scripting Vulnerability

Cisco ASA is prone to a cross-site scripting vulnerability.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials.

Cisco ASA software versions 8.0.4(2B) and prior running on ASA 5500 Series Adaptive Security Appliances are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus