7 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.01 allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479...
CVE-2015-6416
CVE-2015-6416 is a cross-site scripting (XSS) vulnerability in Cisco’s Unified Email Interaction Manager and Unified Web Interaction Manager version 11.0(1). The issue arises from insufficient sanitization of user-supplied input in the web interface, allowing an unauthenticated, remote attacker t...
CVE-2015-0753
SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...
CVE-2015-0655
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
Cross site scripting
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
CVE-2015-0655
Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...
CVE-2015-0655
CVE-2015-0655 affects Cisco Unified Web and E‑Mail Interaction Manager (Unified Web Interaction Manager). The vulnerability is an XSS due to lack of input sanitization, exploitable by an unauthenticated, remote attacker who entices a user to submit a crafted POST request to the web interface. Imp...