Vulnerabilities > Cisco > Cloud WEB Security > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-19 | CVE-2020-3154 | SQL Injection vulnerability in Cisco Cloud web Security 5.2(0) A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 4.9 |
| 2017-07-25 | CVE-2015-0674 | Cross-site Scripting vulnerability in Cisco Cloud web Security Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 6.1 |