Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an argument located immediately after the Help argument, and possibly unspecified other vectors.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
| Link | Tags |
|---|---|
| http://www.recurity-labs.com/content/pub/RecurityLabs_Cisco_ACS_UCP_advisory.txt | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a008095f0c4.shtml | patch vendor advisory |
| http://www.securityfocus.com/archive/1/489463/100/0/threaded | mailing list |
| http://www.securityfocus.com/bid/28222 | vdb entry exploit |
| http://www.vupen.com/english/advisories/2008/0868 | vdb entry |
| http://securityreason.com/securityalert/3743 | third party advisory |
| http://securitytracker.com/id?1019607 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41156 | vdb entry |
| http://secunia.com/advisories/29351 | third party advisory patch vendor advisory |