Lucene search
China National Vulnerability DatabaseCNVD-2023-93328HistoryNov 24, 2023 - 12:00 a.m.
Cisco IP Phone Cross-Site Scripting Vulnerability
2023-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
cisco
ip phone
cross-site scripting
vulnerability
web-based management
exploitation
arbitrary script
html injection
Cisco IP Phone is a hardware device from the American company Cisco (Cisco). IP Phone that provides calling capabilities. Cisco IP Phones suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the web-based management interface, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a carefully crafted payload.
Related
cve
cve
CVE-2023-20265
2023-11-21 19:15:08
nvd
nvd
CVE-2023-20265
2023-11-21 19:15:08
cisco
cisco
Cisco IP Phone Stored Cross-Site Scripting Vulnerability
2023-11-15 16:00:00
nessus
nessus
Cisco IP Phone Stored XSS (cisco-sa-uipphone-xss-NcmUykqA)
2023-12-06 00:00:00
Cisco IP Phones Stored Cross-Site Scripting (CVE-2023-20265)
2024-03-18 00:00:00
prion
prion
Cross site scripting
2023-11-21 19:15:00
cvelist
cvelist
CVE-2023-20265
2023-11-21 18:45:33