Cross-Site Scripting Vulnerabilities in Cisco Finesse by Cisco
CVE-2015-4310

Currently unrated

Key Information:

Vendor: Cisco
Status: Finesse
Vendor: CVE Published:; 19 August 2015

What is CVE-2015-4310?

Cisco Finesse 10.5(1) is exposed to multiple cross-site scripting flaws that allow remote attackers to inject arbitrary web scripts or HTML content. These vulnerabilities can be exploited via certain parameters in GET and POST requests, potentially compromising the security of the affected systems. Organizations utilizing Cisco Finesse should implement necessary security measures to mitigate the risks associated with these vulnerabilities.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/76407

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1033331

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2015
Vulnerability Reserved
Jun 4, 2015