Cross-Site Scripting Vulnerability in Cisco Unified Web and E-mail Interaction Manager
CVE-2014-2192

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Web And E-mail Interaction Manager
Vendor: CVE Published:; 20 May 2014

Summary

A cross-site scripting vulnerability exists in Cisco Unified Web and E-mail Interaction Manager version 9.0(2). This flaw allows remote attackers to inject arbitrary web scripts or HTML into web pages by exploiting an unspecified parameter. If successfully executed, this could lead to unauthorized access to sensitive information or compromise the security of user sessions.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/67464

vdb-entryx_refsource_BID

Timeline

Vulnerability published
May 20, 2014
Vulnerability Reserved
Feb 25, 2014