CVE-2014-3363
CVE-2014-3363 is an XSS vulnerability in Cisco Unified Communications Manager (UCM) web framework, affecting version 9.1(2.10000.28). It allows an authenticated, remote attacker to inject arbitrary web script or HTML via an unspecified parameter. The root cause is insufficient validation of the p...