CVE-2009-2048

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ccx; Unified Ip Ivr; Crs; Unified Ip Contact Center Express
Vendor: CVE Published:; 16 July 2009

Summary

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.

References

http://www.securitytracker.com/id?1022569

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/51730

vdb-entryx_refsource_XF

http://secunia.com/advisories/35861

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 16, 2009
Vulnerability Reserved
Jun 12, 2009