Code injection

Cisco Finesse 10.51 allows remote authenticated users to obtain sensitive information or cause a denial of service CPU and memory consumption via a crafted XML document, aka Bug ID CSCut95810...

CVE-2015-0754

Cisco Finesse 10.5(1) is affected by a vulnerability (CVE‑2015‑0754) due to improper processing of XML files. An authenticated remote attacker can cause a DoS (high CPU/memory usage) or obtain sensitive information by sending a crafted XML document. The vulnerability requires authentication and, ...