This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote host is affected by a cross-site scripting vulnerability.
The remote host has a version of Cisco AnyConnect installed that is
prior to version 3.1.6073.0. It is, therefore, affected by a
cross-site scripting vulnerability due to improper validation of
user-supplied input when building a path for an applet in a Document
Object Model. An attacker can exploit this issue to execute arbitrary
script code in the browser of an unsuspecting user in the context of
the affected site.
See also :
Upgrade to Cisco AnyConnect Secure Mobility Client 3.1(6068) or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true