Cross-Site Scripting Vulnerability in Cisco Unified MeetingPlace
CVE-2015-0703

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 21 April 2015

Summary

A Cross-Site Scripting (XSS) vulnerability exists within the administrative web interface of Cisco Unified MeetingPlace 8.6(1.9). This flaw allows remote attackers to inject arbitrary web scripts or HTML content through unspecified vectors, potentially compromising the security of users interacting with the application. The vulnerability has been documented in Bug ID CSCus95857, highlighting the need for system administrators to apply relevant patches and follow best practices to mitigate associated risks.

References

http://www.securitytracker.com/id/1032164

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Apr 21, 2015
Vulnerability Reserved
Jan 7, 2015