37 matches found
Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability
A vulnerability in the Cisco Unified Interaction Manager web interface could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to insufficient validation of user-supplied data against the application authorization contr...
Cisco Unified Interaction Manager Web Interface Security Bypass Vulnerability
A vulnerability in the Cisco Unified Interaction Manager web interface could allow an authenticated, remote attacker to delete default system folders for the messaging queues. The vulnerability is due insufficient validation of user-supplied data against the application authorization control logi...
CVE-2015-0753
SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...
Cisco Unified Email Interaction Manager and Cisco Unified Web Interaction Manager SQL Injection Vulnerability
A vulnerability in the Cisco Unified Email Interaction Manager EIM and Cisco Unified Web Interaction Manager WIM interface could allow an unauthenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input...
Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability
A vulnerability in Cisco Unified Web Interaction Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to a lack of input sanitization of the Cisco Unified Web...
Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability
Cisco Unified Web and E-mail Interaction Manager are both products in Cisco's Customer Collaboration Contact Center.Web Interaction Manager is a product that helps call center agents answer customer questions using websites and text chat or real-time Web collaboration; E-mail Interaction Manager ...
CVE-2015-0655
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
Cross site scripting
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
CVE-2015-0655
CVE-2015-0655 affects Cisco Unified Web and E‑Mail Interaction Manager (Unified Web Interaction Manager). The vulnerability is an XSS due to lack of input sanitization, exploitable by an unauthenticated, remote attacker who entices a user to submit a crafted POST request to the web interface. Imp...
CVE-2015-0655
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
CVE-2014-2194
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity...
CVE-2014-2194
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity...
CVE-2014-2192
CVE-2014-2192 affects Cisco Unified Web and E-mail Interaction Manager 9.0(2). The issue is a cross-site scripting (XSS) vulnerability caused by insufficient input validation in a parameter, allowing an unauthenticated, remote attacker to inject arbitrary script or HTML via a crafted link. The Ci...
CVE-2014-2193
CVE-2014-2193 affects Cisco Unified Web and E-Mail Interaction Manager. Root cause: improper use of session identifiers in GET requests, enabling a remote attacker to inject conversation text by obtaining a valid session identifier. Affected products and impact are described in Cisco advisory and...
CVE-2014-2194
Cisco’s advisory CVE-2014-2194 affects Cisco Unified Web and E-mail Interaction Manager 9.0(2). The vulnerability is in the /system/egain/chat/entrypoint script, allowing unauthenticated, remote attackers to inject spoofed XML external entities due to inadequate input validation. Impact is descri...
Cisco Unified Web and E-mail Interaction Manager XML External Entities Vulnerability
A vulnerability in the /system/egain/chat/entrypoint script of Cisco Unified Web and E-mail Interaction Manager could allow an unauthenticated, remote attacker to inject malicious XML entities. The vulnerability is due to inadequate input validation. An attacker could exploit this vulnerability b...
Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function
Overview The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected browser. Solution Please refer to the 'Vendor Information' section for the official...