Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an argument located immediately after the Help argument, and possibly unspecified other vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco User-Changeable Password(UCP)CSuserCGI.exe本地HELP参数多个跨站脚本漏洞
Vulnerability Description
UCP应用允许终端用户使用基于Web的工具更改Cisco Secure Access Control Server(ACS)的口令。 /securecgi-bin/CSUserCGI.exe CGI存在多个缓冲区溢出和跨站脚本漏洞,远程攻击者可能利用一个本地HELP参数后的直接参数注入任意WEB脚本和HTML代码.也有可能是其他未知向量
CVSS Information
N/A
Vulnerability Type
N/A