CVE-2006-3109
Cisco CallManager suffers a cross-site scripting (XSS) vulnerability in the Administration and User Options web interfaces. Affected versions are 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1). The issue stems from improper input sanitization in ccmadmin/phon...