Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-4310 | 1 Cisco | 1 Finesse | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug IDs CSCuq82322, CSCut95853, and CSCuq73975. | |||||
CVE-2016-1307 | 1 Cisco | 2 Finesse, Unified Contact Center Express | 2024-02-04 | 5.5 MEDIUM | 5.4 MEDIUM |
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085. | |||||
CVE-2015-0714 | 1 Cisco | 1 Finesse | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595. | |||||
CVE-2013-3455 | 1 Cisco | 1 Finesse | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HTTP query data, aka Bug ID CSCug16732. | |||||
CVE-2013-3457 | 1 Cisco | 1 Finesse | 2024-02-04 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers to read directory contents via a direct request to a directory URL, aka Bug ID CSCug16772. |