CVE-2014-8028

CVE Database · CVE-2014-8028

CVE-2014-8028

· N/AModified

CVSS v3.1

N/A

EPSS

1.16%

Published

Jan 9, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Control System (ACS) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq79019.

Weaknesses (CWE)

CWE-79

Affected Products (1)

cisco · secure_access_control_systemvulnerable

References (10)

http://secunia.com/advisories/62159

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8028

Vendor Advisory

http://www.securityfocus.com/bid/71946

http://www.securitytracker.com/id/1031515

https://exchange.xforce.ibmcloud.com/vulnerabilities/100553