Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. The vulnerability is due to insufficient input validation of some parameters that are passed to the WebLaunch function of the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. Cisco Bug IDs: CSCvf12055. Known Affected Releases: 98.89(40).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco AnyConnect Secure Mobility Client Software 跨站脚本漏洞
Vulnerability Description
Cisco AnyConnect Secure Mobility Client Software是美国思科(Cisco)公司的一款可通过任何设备安全访问网络和应用的安全移动客户端。 Cisco AnyConnect Secure Mobility Client Software中的WebLaunch功能存在跨站脚本漏洞,该漏洞源于程序没有充分验证传递到‘WebLaunch’函数的参数。远程攻击者可利用该漏洞在用户浏览器中执行任意脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A