4 matches found
CVE-2014-2125
Cross-site scripting XSS vulnerability in the Web Inbox in Cisco Unity Connection 8.62aSU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Inbox in Cisco Unity Connection 8.62aSU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028...
CVE-2014-2125
Cisco Unity Connection Web Inbox v8.6(2a)SU3 and earlier are affected by a cross-site scripting (XSS) vulnerability caused by insufficient input validation on a web inbox parameter. An unauthenticated, remote attacker could lure a user to a crafted link, allowing execution of arbitrary HTML/JavaS...
CVE-2014-2125
Cross-site scripting XSS vulnerability in the Web Inbox in Cisco Unity Connection 8.62aSU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028...