CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1422
https://notcve.org/view.php?id=CVE-2011-1422
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de ejecución de comando en sitios cruzados (XSS) en un archivo Shockwave Flash no especificado en EMC RSA Adaptive Authentication On-Premise (AAOP) v2.x, v5.7.x, y v6.x permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores desconocidos. • http://secunia.com/advisories/44236 http://securityreason.com/securityalert/8215 http://securitytracker.com/id?1025382 http://www.securityfocus.com/archive/1/517534/100/0/threaded http://www.securityfocus.com/bid/47408 http://www.vupen.com/english/advisories/2011/1026 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •