4 matches found
CVE-2011-2545
Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...
Cross site scripting
Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...
CVE-2011-2545
CVE-2011-2545 is a cross-site scripting (XSS) vulnerability in the SIP INVITE FROM field handling of Cisco SPA 8000/8800 (before 6.1.11), SPA2102 and SPA3102 (before 5.2.13), and SPA 500 series IP phones (before 7.4.9). Root cause: lack of input sanitization in the SIP INVITE FROM field. Impact: ...
CVE-2011-2545
Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...