CVE-2018-15455

CVE-2018-15455

A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of requests stored in the system’s logging database. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. An exploit could allow the attacker to conduct cross-site scripting attacks when an administrator views the logs in the Admin Portal.

Source: CVE-2018-15455

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다