XSS Vulnerability in Cisco Jabber Guest Server
CVE-2014-8026

Currently unrated

Key Information:

Vendor: Cisco
Status: Jabber Guest
Vendor: CVE Published:; 23 December 2014

Summary

The vulnerability in Cisco Jabber's Guest Server allows remote attackers to exploit cross-site scripting (XSS) weaknesses. By injecting arbitrary web scripts or HTML through GET or POST parameters, attackers could potentially manipulate user interactions or steal sensitive information. This could lead to unauthorized actions being executed in the context of users accessing the compromised guest environment.

References

http://www.securitytracker.com/id/1031422

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://tools.cisco.com/security/center/viewAlert.x?alert...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Dec 23, 2014
Vulnerability Reserved
Oct 8, 2014