jcf-ply.com Cross Site Scripting vulnerability OBB-1208382

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2019-12645

CVE-2019-12645 concerns Cisco Jabber Client Framework (JCF) for Mac Software used by Cisco Jabber for Mac. Exploitation requires an authenticated, local attacker and relies on improper file-level permissions on the host running JCF for Mac, enabling arbitrary code execution or modification of con...

Cisco Jabber Client Framework for Mac Code Execution Vulnerability

A vulnerability in Cisco Jabber Client Framework JCF for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected devi...

Cross site scripting

A vulnerability in Cisco Jabber Client Framework JCF could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient validation of user-supplied input of an affected client. An attacker could...

CVE-2018-0483

Cisco Jabber Client Framework (JCF) XSS vulnerability (CVE-2018-0483) arises from insufficient validation of user-supplied input, enabling an authenticated, remote attacker to run arbitrary JavaScript in the recipient’s Jabber client and potentially access client data. Affected software is Cisco ...

CVE-2018-0199

CVE-2018-0199 affects Cisco Jabber Client Framework (JCF) for Windows and Mac. The issue is improper neutralization of scripts in attributes in a web page, enabling an unauthenticated, remote attacker to execute arbitrary JavaScript in the Jabber client and potentially achieve remote code executi...

CVE-2018-0201

A vulnerability in Cisco Jabber Client Framework JCF could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to improper neutralization of input during web page generation. An attacker could exploit...

CVE-2018-0201

CVE-2018-0201 is a cross-site scripting vulnerability in Cisco Jabber Client Framework (JCF). The issue arises from improper neutralization of input during web page generation, enabling an authenticated, remote attacker to trigger XSS by embedding media in instant messages. The exploit could caus...