Cross-Site Scripting Vulnerability in Cisco Hosted Collaboration Solution
CVE-2015-4260

Currently unrated

Key Information:

Vendor: Cisco
Status: Hosted Collaboration Solution
Vendor: CVE Published:; 10 July 2015

What is CVE-2015-4260?

The cross-site scripting vulnerability in Cisco's Hosted Collaboration Solution 10.6(1) allows remote attackers to inject arbitrary web scripts or HTML by submitting a crafted value in a URL. This may lead to unauthorized access or manipulation of sensitive data, compromising the integrity and confidentiality of user interactions within the application.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032840

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2015
Vulnerability Reserved
Jun 4, 2015