Lucene search
AvayaCVELIST:CVE-2020-7033HistoryNov 12, 2020 - 11:55 p.m.
CVE-2020-7033 Avaya Equinox Conferencing XSS
2020-11-1223:55:11
CWE-79
avaya
www.cve.org
7
cross site scripting
avaya equinox conferencing
unified portal client
xss attacks
9.x versions
security vulnerability
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
EPSS
0.001
Percentile
22.7%
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions before 9.1.10.
CNA Affected
[
{
"product": "Avaya Equinox Conferencing",
"vendor": "Avaya",
"versions": [
{
"lessThan": "9.1.10",
"status": "affected",
"version": "9.x",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2020-7033
2020-11-13 00:15:11
nvd
nvd
CVE-2020-7033
2020-11-13 00:15:11
prion
prion
Cross site scripting
2020-11-13 00:15:00
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
EPSS
0.001
Percentile
22.7%
Related for CVELIST:CVE-2020-7033