Cisco on Dec. 2 updated an advisory from March 18 about a 10-year-old vulnerability in the WebVPN login page of Cisco’s Adaptive Security Appliance (ASA) software that could let an unauthenticated remote attacker conduct a cross-site scripting (XSS) attack.
In its recent update, the Cisco Product Security Incident Response Team (PSIRT) said it became aware of additional attempted exploitation of this vulnerability in the wild last month.