2 matches found
CVE-2014-4308
Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...
CVE-2014-4308
NICE Recording eXpress (Cybertech eXpress) is affected prior to version 6.5.5 by multiple XSS vulnerabilities. The issues arise from input in the USRLNM parameter (myaccount/mysettings.edit.validate.asp) and several _ifr/ iframe.picker.* endpoints (statchannels, channelgroups, extensions, license...