Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27166 | vdb-entry x_refsource_XF |
| http://secunia.com/advisories/20699 | third-party-advisory x_refsource_SECUNIA |
| http://securitytracker.com/id?1016317 | vdb-entry x_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/437480/100/0/threaded | mailing-list x_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/18449 | vdb-entry x_refsource_BID |
| http://www.securityfocus.com/archive/1/437441/100/0/threaded | mailing-list x_refsource_BUGTRAQ |
| http://www.osvdb.org/26531 | vdb-entry x_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2006/2384 | vdb-entry x_refsource_VUPEN |
| http://securityreason.com/securityalert/1116 | third-party-advisory x_refsource_SREASON |
| http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html | vendor-advisory x_refsource_CISCO |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27166 | vdb-entry x_refsource_XF x_transferred |
| http://secunia.com/advisories/20699 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://securitytracker.com/id?1016317 | vdb-entry x_refsource_SECTRACK x_transferred |
| http://www.securityfocus.com/archive/1/437480/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |
| http://www.securityfocus.com/bid/18449 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/archive/1/437441/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |
| http://www.osvdb.org/26531 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.vupen.com/english/advisories/2006/2384 | vdb-entry x_refsource_VUPEN x_transferred |
| http://securityreason.com/securityalert/1116 | third-party-advisory x_refsource_SREASON x_transferred |
| http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html | vendor-advisory x_refsource_CISCO x_transferred |