Code injection

Cisco Unified Communications Manager aka CallManager 9.12.10000.28, 10.52.10000.5, 10.52.12901.1, and 11.01.10000.10; Unified Communications Manager IM & Presence Service 10.52; Unified Contact Center Express 11.01; and Unity Connection 10.52 store a cleartext encryption key, which allows local...

CVE-2016-1310

Cross-site scripting XSS vulnerability in Cisco Unity Connection 11.50.199 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033...

CVE-2016-1310

Cross-site scripting XSS vulnerability in Cisco Unity Connection 11.50.199 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unity Connection 11.50.199 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033...

CVE-2016-1310

Cross-site scripting XSS vulnerability in Cisco Unity Connection 11.50.199 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033...

CVE-2016-1310

CVE-2016-1310 refers to a Cross-Site Scripting (XSS) vulnerability in Cisco Unity Connection Web Framework affecting version 11.5(0.199) . The issue arises from insufficient input validation, enabling remote attackers to inject arbitrary web script or HTML via a crafted URL. Exploitation is possi...

Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to execute a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing...

Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2016-00827)

Cisco Unity Connection is a voice messaging platform. A cross-site scripting vulnerability exists in Cisco Unity Connection, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user session...

CVE-2016-1304

Cross-site scripting XSS vulnerability in Cisco Unity Connection 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596...

CVE-2016-1304

Cross-site scripting XSS vulnerability in Cisco Unity Connection 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unity Connection 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596...

CVE-2016-1304

Cisco Unity Connection 10.5(2.3009) is affected by a cross-site scripting (XSS) vulnerability (CVE-2016-1304) that allows remote attackers to inject arbitrary web script or HTML via a crafted value (Bug ID CSCux82596). Affected component is the HTTP web-based management interface; exploitation is...

CVE-2016-1304

Cross-site scripting XSS vulnerability in Cisco Unity Connection 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596...

Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2016-00787)

Cisco Unity Connection is a voice messaging platform. A cross-site scripting vulnerability exists in Cisco Unity Connection, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user session...

Cisco Unity Connection User Search Cross-Site Scripting Vulnerability

A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system's web interface. The vulnerability is due to insufficient input validation of a...

CVE-2016-1300

Cross-site scripting XSS vulnerability in Cisco Unity Connection UC 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582...

CVE-2016-1300

Cross-site scripting XSS vulnerability in Cisco Unity Connection UC 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unity Connection UC 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582...

CVE-2016-1300

CVE-2016-1300 affects Cisco Unity Connection (UC) 10.5(2.3009) Web Framework. The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient input validation, allowing remote, unauthenticated attackers to inject arbitrary script/HTML through a crafted URL. Impact per sources: attac...

CVE-2016-1300

Cross-site scripting XSS vulnerability in Cisco Unity Connection UC 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582...