CVE-2014-3325
CVE-2014-3325 concerns multiple cross-site scripting (XSS) vulnerabilities in the Cisco Unified Customer Voice Portal (CVP) web interface. The root cause is insufficient input validation of a parameter used by web pages, enabling remote attackers to inject arbitrary script/HTML via crafted input....