Cisco ASA VPN Portal Cross Site Scripting, 0Day

Recently there is no peace for the Cisco ASA Appliance.

After the vulnerability in the fragmentation of the IKE payload, a new zero-day afflicts the Cisco ASA VPN Portal through XSS attack.


From the advisory posted by Juan Sacco on PacketStorm:

Cisco ASA VPN is prone to a XSS on the password recovery page.

This vulnerability can be used by an attacker to capture other user’s credentials.

The password recovery form fails to filter properly the hidden inputs fields.

Here a simple Proof-Of-Concept to check the vulnerability:

Published: February 18 2016