Cross-Site Scripting (XSS) Vulnerabilities in Cisco Identity Services Engine (ISE) Infra Admin UI (Bug ID CSCus16052)

Cross-Site Scripting (XSS) Vulnerabilities in Cisco Identity Services Engine (ISE) Infra Admin UI (Bug ID CSCus16052)

CVE-2015-4268 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services Engine (ISE) 1.2(1.198) and 1.3(0.876) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCus16052.

Learn more about our Cis Benchmark Audit For Cisco.