Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8012 | Vendor Advisory |
http://www.securitytracker.com/id/1031395 |
Configurations
Information
Published : 2014-12-18 08:59
Updated : 2017-01-02 18:59
NVD link : CVE-2014-8012
Mitre link : CVE-2014-8012
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cisco
- adaptive_security_appliance_software