CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4198

Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v2 Score 4.3

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=39422
http://www.securityfocus.com/bid/75326
http://www.securitytracker.com/id/1032676
http://tools.cisco.com/security/center/viewAlert.x?alertId=39422
http://www.securityfocus.com/bid/75326
http://www.securitytracker.com/id/1032676

Products affected by CVE-2015-4198

Cisco » Web Security Appliance » Version: 8.5.0-497

cpe:2.3:o:cisco:web_security_appliance:8.5.0-497

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4198

Products

Pricing

Contact Us