Cross-Site Scripting Vulnerabilities in Cisco Emergency Responder
CVE-2015-6400

Currently unrated

Key Information:

Vendor: Cisco
Status: Emergency Responder
Vendor: CVE Published:; 13 December 2015

Summary

Cisco Emergency Responder versions are impacted by multiple cross-site scripting vulnerabilities, which allow attackers to inject arbitrary web scripts or HTML through unspecified input fields. This exploitation can lead to unauthorized actions on behalf of authenticated users, compromising the integrity of the application and the security of user data.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/78878

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Dec 13, 2015
Vulnerability Reserved
Aug 17, 2015