Cross-Site Scripting Vulnerability in Cisco Unified MeetingPlace Application Server
CVE-2013-5495

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 16 September 2013

Summary

A Cross-Site Scripting (XSS) vulnerability exists in the web framework of the Cisco Unified MeetingPlace Application Server. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the application through an unspecified parameter. Successful exploitation can lead to unauthorized content injection, potentially affecting users who access the compromised application. For further information, see Cisco's security notice or the Security Tracker entry.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1029038

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 16, 2013
Vulnerability Reserved
Aug 22, 2013