CVE-2007-1367

Currently unrated

Key Information:

Vendor: Avaya
Status: S8710; S8300; S8500; S8700
Vendor: CVE Published:; 9 March 2007

Summary

Cross-site scripting (XSS) vulnerability in the login page in Avaya Communications Manager (CM) S87XX, S8500, and S8300 products before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Login field.

References

http://www.securityfocus.com/bid/22866

vdb-entryx_refsource_BID

http://support.avaya.com/elmodocs2/security/ASA-2007-064.htm

x_refsource_CONFIRM

http://www.osvdb.org/33297

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 9, 2007
Vulnerability Reserved
Mar 9, 2007