2 matches found
CVE-2021-1408 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection...
CVE-2021-1408
CVE-2021-1408 covers multiple XSS flaws in Cisco Unified Communications products (CUCM, Unified CM IM&P, Unified CM SME, Unity Connection). Root cause: web-based management interfaces fail to properly validate user input, enabling unauthenticated remote attackers to entice users to click crafted ...