THREATOPS
THREAT OPSCVEs › CVE-2014-2120

CVE-2014-2120 — Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability

CISA KEVExploited: confirmedCisco

Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

Vulnerability details