Vulnerability Details CVE-2015-0698
Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut39213.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.5%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2015-0698
-
cpe:2.3:a:cisco:web_security_appliance:-
-
cpe:2.3:a:cisco:web_security_appliance:7.1.0
-
cpe:2.3:a:cisco:web_security_appliance:7.1.1
-
cpe:2.3:a:cisco:web_security_appliance:7.1.2
-
cpe:2.3:a:cisco:web_security_appliance:7.1.3
-
cpe:2.3:a:cisco:web_security_appliance:7.1.4
-
cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303
-
cpe:2.3:a:cisco:web_security_appliance:7.7.0-608
-
cpe:2.3:a:cisco:web_security_appliance:7.7.5-835
-
cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1
-
cpe:2.3:a:cisco:web_security_appliance:8.0.7
-
cpe:2.3:a:cisco:web_security_appliance:8.5.0-000