Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unity Connection UC could allow an unauthenticated, remote attacker to execute a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by...

Cisco Unity Connection Cross-Site Request Forgery Vulnerability

Cisco Unity Connection is a feature-rich voice mail platform. A cross-site request forgery vulnerability exists in Cisco Unity Connection 11.5 0.98. A remote attacker can exploit this vulnerability to submit arbitrary requests to an affected device, hijacking the authentication of arbitrary users...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Cisco Unity Connection 11.50.98 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578...

CVE-2015-6408

Cross-site request forgery CSRF vulnerability in Cisco Unity Connection 11.50.98 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578...

CVE-2015-6408

Cross-site request forgery CSRF vulnerability in Cisco Unity Connection 11.50.98 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578...

CVE-2015-6408

CVE-2015-6408 affects Cisco Unity Connection 11.5(0.98) and is a CSRF vulnerability caused by lack of CSRF protections, enabling remote attackers to hijack the authentication of arbitrary users. Impact and conditions are as described in Cisco’s advisory; no software updates were released at the t...

Cisco Unity Connection Cross-Site Request Forgery Vulnerability

A cross-site request forgery CSRF vulnerability in Cisco Unity Connection could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of CSRF protections by an affected device. An attacker could exploit this vulnerability by convincing a user to...

Cisco Unity Connection cross-site scripting Vulnerability(CVE-2 0 1 5-6 3 9 0)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-6 3 9 0 Cisco Unity Connection is a feature-rich voice mail platform, using Linux Unified Communicationsoperating system. Cisco Unity Connection 9.11.10the Management Interface cross-site scripting vulnerability, the remote attacker via a URL within the structure of the...

Cisco Unity Connection Cross-Site Scripting Vulnerability

Cisco Unity Connection is the United States Cisco Cisco a set of voice message platform. The platform can utilize voice commands to make calls or listen to messages in a "hands-free" manner. A cross-site scripting vulnerability exists in the administrative interface of Cisco Unity Connection...

Cisco Unity Connection跨站脚本漏洞

No description provided by source...

CVE-2015-6390

Cross-site scripting XSS vulnerability in the management interface in Cisco Unity Connection 9.11.10 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741...

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface in Cisco Unity Connection 9.11.10 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741...

CVE-2015-6390

Cisco Unity Connection 9.1(1.10) management interface vulnerable to cross-site scripting (XSS) via crafted URLs. Root cause: insufficient input validation. Impact: partial integrity exposure; no explicit availability impact. Exploitation details: remote attacker could inject arbitrary script in t...

CVE-2015-6390

Cross-site scripting XSS vulnerability in the management interface in Cisco Unity Connection 9.11.10 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741...

Cisco WebEx for Android Security Patch

Cisco has been busy the last two days pushing out a patch and security advisories for a number of its products, including a fix for a remotely exploitable vulnerability in its WebEx Meetings mobile application for Android. Cisco said the vulnerability affects versions prior to 8.5.1 of the app, a...

Cisco Unity Connection Cross-Site Scripting Vulnerability

A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input validation...

Cisco Unity Connection Web Interface SQL Injection Vulnerability

Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A SQL injection vulnerability exists in the web interface of Cisco Unity Connection 9.11.2 and earlier versions, which can be exploited by a remote attacker to execute...

CVE-2015-6299

SQL injection vulnerability in the web interface in Cisco Unity Connection 9.11.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824...

Sql injection

SQL injection vulnerability in the web interface in Cisco Unity Connection 9.11.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824...

CVE-2015-6299

Cisco Unity Connection web interface SQL injection (CVE-2015-6299) affects Cisco Unity Connection versions 9.1(1.2) and earlier. The vulnerability stems from lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute arbitrary SQL commands via a crafted HTTP PO...