CVE-2019-12710
CVE-2019-12710 is a SQL injection flaw in Cisco Unified Communications Manager (and Session Management Edition). An authenticated, remote attacker can exploit improper validation of input in SQL queries by sending crafted requests to the web-based interface, potentially revealing data from the da...