Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-1114

Published: 13/02/2013 Updated: 14/02/2013
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Unity Express Software

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express prior to 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco unity express software 2.0

cisco unity express software 1.1.1

cisco unity express software 2.1.1

cisco unity express software 2.1.2

cisco unity express software 7.2

cisco unity express software 7.3

cisco unity express software 7.0

cisco unity express software 7.1

cisco unity express software 3.1

cisco unity express software 2.3

cisco unity express software 2.1

cisco unity express software 1.1.2

cisco unity express software

cisco unity express software 3.2

cisco unity express software 3.0

cisco unity express software 2.2.2

cisco unity express software 2.2

Vendor Advisories

Cisco: Cisco Unity Express Cross-Site Scripting Vulnerabilities
Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software An unauthenticated, remote attacker could exploit these vulnerabilities by ...

Exploits

Exploit DB: Cisco Unity Express - Multiple Vulnerabilities
# Exploit Title: Cisco Unity Express Multiple Vulnerabilities # Reported: December 2012 # Disclosed: February 2013 # Author: Jacob Holcomb of Independent Security Evaluators # CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120 # infosec42blogspotcom/2013/02/cisco-unity-express-vulnerabiliteshtml Cisco Advisory toolsciscocom/secur ...
Exploit DB: Cisco Unity Express Cross Site Request Forgery / Cross Site Scripting
Cisco Unity suffers from cross site request forgery and cross site scripting vulnerabilities ...

References

CWE-79http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1114https://nvd.nist.govhttps://www.exploit-db.com/exploits/24449/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130201-CVE-2013-1114
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook