Cisco Unified Communications Manager Vulnerable to Cross-Site Scripting Attacks
CVE-2024-20511
Currently unrated
What is CVE-2024-20511?
A weakness in the web management interface of Cisco Unified Communications Manager and its Session Management Edition could expose users to cross-site scripting (XSS) attacks. Due to inadequate validation of user-supplied input, an attacker could craft a malicious link designed to trick a user into clicking it. If successful, the attacker would be able to run arbitrary script code in the context of the compromised interface, potentially accessing sensitive information stored in the user's browser. This security flaw highlights the importance of stringent input validation in web-based management systems.