Since there is no technical workaround available from Cisco (according to the BugSearch tool as of 3 April 2014), you will have to rely on mitigating the risk through user education. (The fixed releases noted are all Cisco internal - it looks like the upcoming 9.2 will include a fix but it may be several months before it is released.)
Since the PSIRT indicates the vulnerability is exploited by "convincing a user to access a malicious link", remind you users not to access unknown links - especially not while connected to your WebVPN.