2 matches found
CVE-2013-1120
CVE-2013-1120 applies to Cisco Unity Express prior to version 8.0, with CSRF vulnerabilities that can allow remote attackers to hijack user authentication. The entry has a base CVSS v2 score of 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P). Remediation: OpenVAS data indicates a vendor fix (VendorFix) as the s...
CVE-2013-1114
Cisco Unity Express (Cisco Unity Express) affected by XSS vulnerabilities (CVE-2013-1114) in versions before 8.0. Attack vector is not fully specified in the provided documents; remote attacker can inject arbitrary web script or HTML via web interface. Root cause is described as cross-site script...