EUVD-2018-3478

Malware in sbrugna...

CVE-2025-6235

CVE-2025-6235 affects ExtremeControl prior to 25.5.12, with an XSS in the login interface due to improper handling of user input in HTML attributes. The vulnerability can allow injected script to run in a user’s browser under certain interactions, potentially exposing user data or enabling unauth...

Design/Logic Flaw

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to render within frames ...

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection...

CVE-2021-1407 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection...