{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco ASA 5500 Series Adaptive Security Appliances versions ant\u00e9rieures aux 8.2(1), 8.1(2.7) et 8.0(5).","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Secure Desktop versions ant\u00e9rieures \u00e0 la 3.5 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 dans Cisco Secure Desktop permet \u00e0 une personne\nmalintentionn\u00e9e d'effectuer une injection de code indirecte \u00e0 distance\n(XSS) par le biais d'une requ\u00eate HTTP de type POST transmise \u00e0 la visite\nd'une page web sp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-0440","url":"https://www.cve.org/CVERecord?id=CVE-2010-0440"}],"links":[],"reference":"CERTA-2010-AVI-042","revisions":[{"description":"version initiale.","revision_date":"2010-02-02T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans <span class=\"textit\">Cisco Secure Desktop</span>\npermet \u00e0 une personne malintentionn\u00e9e d'effectuer une injection de code\nindirecte \u00e0 distance (<span class=\"textit\">XSS</span>).\n","title":"Vuln\u00e9rabilit\u00e9 dans Cisco Secure Desktop","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco #19843 du 01 f\u00e9vrier 2010","url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=19843"}]}