Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597...

CVE-2014-3375

Cisco’s CVE-2014-3375 affects the CCM Service interface of Cisco Unified Communications Manager Server. It enables unauthenticated remote attackers to perform reflected XSS through input validation gaps in HTTP GET/POST parameters, potentially affecting users of the web interface. Cisco’s advisor...