CVE-2015-4294

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Communications Manager Im And Presence Service
Vendor
CVE Published:
1 August 2015

Summary

Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.

References

http://www.securitytracker.com/id/1033171
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.