XSS in Cisco Asyncos

CVE-2015-0577

Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote attackers to…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (56.2th percentile) — read the EPSS interpretation.