CVE-2022-37462

A stored Cross-Site Scripting XSS vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details...

CVE-2022-37462

A stored Cross-Site Scripting XSS vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details...

CVE-2022-37462

CVE-2022-37462 describes a stored XSS in the Chat gadget of Upstream Works Agent Desktop for Cisco Finesse via the AttachmentId in file-upload details. Affected: Upstream Works Agent Desktop for Cisco Finesse versions 4.2.12 and earlier, and 5.0. Root cause: insecure handling of AttachmentId in f...

Cisco Finesse 跨站脚本漏洞

Cisco Finesse is a suite of call center management software from Cisco. A security vulnerability exists in Upstream Works for Cisco Finesse version 4.2.12 and earlier, and version 5.x prior to 5.3, which stems from the presence of a stored cross-site scripting XSS vulnerability...