Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
%20Software&color=blue)
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
No PoCs from references.
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/CLincat/vulcat
- https://github.com/Hudi233/CVE-2020-3580
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/adarshvs/CVE-2020-3580
- https://github.com/catatonicprime/CVE-2020-3580
- https://github.com/cruxN3T/CVE-2020-3580
- https://github.com/fuckup1337/HackerOneAPIClient
- https://github.com/iamthefrogy/BountyHound
- https://github.com/imhunterand/CVE-2020-3580
- https://github.com/n0-traces/cve_monitor
- https://github.com/n1sh1th/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/pankajkryadav/Hacktivity
- https://github.com/pdelteil/HackerOneAPIClient
- https://github.com/r0eXpeR/supplier
- https://github.com/soosmile/POC