2 matches found
CVE-2019-16025
CVE-2019-16025 affects Cisco Emergency Responder’s web-based management interface. The root cause is insufficient validation of user-supplied input in the web server, enabling an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. Exploitation involves persuading a user...
Cisco Emergency Responder CVE-2019-16025 HTML Injection Vulnerability
Description Cisco Emergency Responder is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to...