3 matches found
Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting Exploit Authors: Dan Bohan, Scott Goodwin, OCD Tech Vendor Homepage: https://www.avaya.com/en/ Software Link:...
Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting
Exploit Title: Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting Release Date: 2019-12-11 Exploit Authors: Dan Bohan, Scott Goodwin, OCD Tech Vendor Homepage: https://www.avaya.com/en/ Software Link: https://www.avaya.com/en/products/unified-communications/voip/...
CVE-2019-7004
Avaya IP Office Application Server 11.x WebUI is vulnerable to Cross-Site Scripting (XSS) in the login page (via POST) due to improper input sanitization. Exploitation exists (POST username) and could execute arbitrary JavaScript in a user’s browser. Affected versions include 11.x up to 11.0 FP4 ...