2 matches found
CVE-2019-1685
Cisco Unity Connection (version 12.5) exposes a reflected XSS vulnerability in the SAML SSO interface due to insufficient input validation. An unauthenticated remote attacker can lure a user to click a crafted link, potentially executing arbitrary script in the interface context or accessing sens...
CVE-2019-1685 Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability
A vulnerability in the Security Assertion Markup Language SAML single sign-on SSO interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability is due to...