Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis1 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/93422 - | |
References | () http://www.securitytracker.com/id/1036951 - |
Information
Published : 2016-10-06 10:59
Updated : 2024-11-21 02:56
NVD link : CVE-2016-6425
Mitre link : CVE-2016-6425
CVE.ORG link : CVE-2016-6425
JSON object : View
Products Affected
cisco
- unified_intelligence_center
- unified_contact_center_express
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')