Cisco AsyncOS, the operating system powering multiple Cisco security appliances, has been patched against a reflected cross-site scripting vulnerability that allowed an unauthenticated attacker to load an arbitrary script in the context of the users browser.
The affected products are Cisco Email Security Appliance 8.0, Cisco Web Security Appliance 8.0 and Content Security Management Appliance 8.3. Earlier versions are also vulnerable.
According to the Cisco advisory, the vulner…
Comments are closed.
