Cisco / CISCO-SA-20070808-CVE-2007-4284
Aug 08, 2007 - 4:55 p.m.

Cisco Unified MeetingPlace Template Cross-Site Scripting Vulnerability

2007-08-08 16:55:22
tools.cisco.com

CVSS2: 4.3 Medium
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS: 0.03 Low
Percentile: 91.0%

Cisco Unified MeetingPlace versions prior to 5.3.235.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks.

This vulnerability exists due to insufficient filtering of parameters by Cisco Unified MeetingPlace. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to follow a malicious link. When followed, the link could trigger the execution of arbitrary script code or HTML within a user’s browser session in the security context of the Cisco Unified MeetingPlace site.

Cisco confirmed this vulnerability in a security response and released updated software.

To exploit this vulnerability, an attacker must convince a user to follow a malicious URL, likely provided within an e-mail message. Prior to an exploit, the user must have a valid, logged-in session to the affected application or log in as part of an exploit attempt. As a result of successful exploitation, the attacker could execute arbitrary script code in the user’s browser session within the Cisco Unified MeetingPlace application. An exploit could allow the attacker to gain access to sensitive browser-based information or possibly take actions on the affected site as the user.

Software versions 5.3.333.0 and later have been corrected to return a properly formatted XML message.

Affected configurations

Vulners node:
cisco unified_meetingplace, match: any
OR
cisco unified_meetingplace, match: any
