Posted by Juan Sacco on Feb 18

# Exploit author: Juan Sacco – jsacco () exploitpack com
# Affected program: Cisco ASA VPN Portal – Zero Day
# Cisco ASA VPN is prone to a XSS on the password recovery page.
# This vulnerability can be used by an attacker to capture other user’s
credentials.
# The password recovery form fails to filter properly the hidden inputs
fields.
#
# This Zero Day exploit has been developed and discovered by Juan Sacco.
# Exploit Pack – Team…