Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 prior to 6.0(517.0) (aka 6.0 MR4) and 7.0 prior to 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified meetingplace 6.0 |
||
cisco unified meetingplace 7.0 |