10 matches found
CVE-2017-6762
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.69, 11.00, and 11.01 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerability ...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.69, 11.00, and 11.01 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerability ...
Cisco Jabber Guest Server Cross-Site Scripting Vulnerability
Cisco Jabber Guest Server is a suite of software that allows users to interact in real time with employees of the organization. A cross-site scripting vulnerability exists in the Cisco Jabber Guest Server WEB script, which allows remote attackers to exploit the vulnerability to inject malicious...
Design/Logic Flaw
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.69. Known Fixed Releases: 11.00...
CVE-2016-9224
Cisco Jabber Guest Server exposes an unauthenticated remote vector that enables connections to arbitrary hosts due to insufficient access control for HTTP traffic. Affected release: 10.6(9); fixed in 11.0(0). Advisory and public details (Cisco SA 2016-12-21) describe a URL-based vulnerability tha...
CVE-2016-9224
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.69. Known Fixed Releases: 11.00...
Cisco Jabber Guest Server HTTP URL Redirection Vulnerability
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco Jabber Guest Server. An attacker could exploit this...
CVE-2016-1311
Cross-site scripting XSS vulnerability in the management interface in Cisco Jabber Guest Server 10.68 allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224...
CVE-2016-1311
Cross-site scripting XSS vulnerability in the management interface in Cisco Jabber Guest Server 10.68 allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224...
CVE-2014-8024
The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP 1 GET or 2 POST request, aka Bug ID CSCus19789...