CVE-2018-1254

Name of the Vulnerable Software and Affected Versions RSA Authentication Manager Security Console versions 8.3 P1 and earlier

Description The issue allows a remote unauthenticated attacker to potentially exploit a reflected cross-site scripting vulnerability by tricking a Security Console administrator into supplying malicious HTML or JavaScript code to a vulnerable web application. This code is then reflected back to the victim and executed by the web browser.

Recommendations For RSA Authentication Manager Security Console versions 8.3 P1 and earlier, update to a version later than 8.3 P1 to resolve the issue.