2 matches found
Cisco Finesse Appliance Multiple Cross-Site Scripting Vulnerabilities (Cisco-SA-20150818-CVE-2015-4310)
According to its self-reported version, the Cisco Finesse appliance is affected by multiple cross-site scripting XSS vulnerabilities exist due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to...
CVE-2015-4310
CVE-2015-4310 affects Cisco Finesse 10.5(1) with multiple cross-site scripting (XSS) vulnerabilities arising from improper validation of user input in HTTP GET/POST parameters. An unauthenticated, remote attacker could lure a user to a crafted link and execute arbitrary script in the browser cont...