Cross-Site Scripting Vulnerability in Cisco Unified Intelligence Center
CVE-2016-6425

6.1MEDIUM

Key Information:

Vendor: Cisco
Status: Unified Contact Center Express; Unified Intelligence Center
Vendor: CVE Published:; 6 October 2016

What is CVE-2016-6425?

A cross-site scripting (XSS) vulnerability exists in Cisco Unified Intelligence Center (CUIC) versions 8.5.4 through 9.1(1) and Unified Contact Center Express versions 10.0(1) through 11.0(1). This vulnerability allows remote attackers to inject arbitrary web scripts or HTML via specially crafted URLs, potentially compromising the integrity of web applications and user data. Identified as to Bug IDs CSCuy75020 and CSCuy81652, it highlights the importance of securing web interfaces against malicious input.