Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service prior to 10.5 MR1 allows remote malicious users to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified communications manager im and presence service 9.0\\(1\\) |
||
cisco unified communications manager im and presence service 9.1\\(1\\) |
||
cisco unified communications manager im and presence service 10.5\\(1\\) |