Arbitrary Script Injection Vulnerability in Cisco Web Security Appliance (WSA) Devices 8.5.0-497

Arbitrary Script Injection Vulnerability in Cisco Web Security Appliance (WSA) Devices 8.5.0-497

CVE-2015-0738 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the Web Tracking Report page on Cisco Web Security Appliance (WSA) devices 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCuu16008.

Learn more about our Cis Benchmark Audit For Cisco.