CVE-2011-3293 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences aka Bug ID CSCtr78143.

Reference

http://secunia.com/advisories/49101 http://www.cisco.com/web/software/282766937/37718/Acs-5-2-0-26-9-Readme.txt http://www.securityfocus.com/bid/53436