CVE-2015-4294
CVE-2015-4294 affects Cisco IM and Presence Service before 10.5 MR1, a reflected XSS due to incomplete filtering of HTML/script tags in crafted URLs. This could allow an unauthenticated remote attacker to execute arbitrary script in an authenticated user’s browser. Cisco's advisory notes a softwa...