ASA-2019-00455 – Squid: Multiple Cross-Site Scripting issues in cachemgr.cgi

Due to incorrect input handling Squid cachemgr.cgi tool is vulnerable to multiple Cross-Site Scripting attacks. This allows a malicious server to embed URLs in its content such that user credentials and other information can be extracted from a client or administrator with access to the Squid cachemgr.cgi tool URL.