Cross-Site Scripting Vulnerability in Cisco Emergency Responder
CVE-2014-2114

Currently unrated

Key Information:

Vendor: Cisco
Status: Emergency Responder
Vendor: CVE Published:; 4 April 2014

Summary

The vulnerability allows remote attackers to execute arbitrary web scripts or HTML through an unspecified parameter in the UserServlet of Cisco Emergency Responder versions 8.6 and earlier. Proper security measures should be implemented to mitigate the risks associated with this issue.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030019

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/66635

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 4, 2014
Vulnerability Reserved
Feb 25, 2014