Detections
Analytics

CVE-2013-3422

medium

Description

Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/85623

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3422

Details

Source: Mitre, NVD

Published: 2013-07-12

Updated: 2026-04-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00263