CVE-2017-6769

Name of the Vulnerable Software and Affected Versions: Cisco Secure ACS versions 5.8(0.8) through 5.8(1.5)

Description: The issue is related to incorrect validation and lack of encryption of user data in the web-based management interface. This could allow a remote attacker to conduct a stored cross-site scripting attack against a user of the web interface.

Recommendations: For versions 5.8(0.8) through 5.8(1.5), update to a version that addresses the issue, as the current version may allow for stored cross-site scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.