CVE-2016-1298

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:unified_contact_center_express:10.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_contact_center_express:10.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_contact_center_express:10.6\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_contact_center_express:11.0\(1\):*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-01-26 05:59

Updated : 2024-02-04 18:53


NVD link : CVE-2016-1298

Mitre link : CVE-2016-1298

CVE.ORG link : CVE-2016-1298


JSON object : View

Products Affected

cisco

  • unified_contact_center_express
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')