Cross-Site Scripting Vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager
CVE-2015-6416

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Web And E-mail Interaction Manager
Vendor: CVE Published:; 14 December 2015

Summary

The vulnerability allows remote attackers to execute arbitrary web scripts or HTML by injecting malicious code through crafted URLs targeting Cisco Unified Email Interaction Manager and Unified Web Interaction Manager versions 11.0(1). This could result in unauthorized actions performed on behalf of users, leading to potential data breaches and compromised user information. Security measures should be implemented to mitigate the risks associated with this vulnerability.

References

http://www.securitytracker.com/id/1034382

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/79034

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Dec 14, 2015
Vulnerability Reserved
Aug 17, 2015