Vulnerabilities > Cisco > WEB Security Virtual Appliance > 9.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-1271 | Unspecified vulnerability in Cisco web Security Virtual Appliance A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.8 |
| 2017-07-25 | CVE-2017-6751 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. | 7.5 |