CVE-2014-2114

Currently unrated

Key Information:

Vendor: Cisco
Status: Emergency Responder
Vendor: CVE Published:; 4 April 2014

Summary

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030019

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/66635

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 4, 2014
Vulnerability Reserved
Feb 25, 2014