Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074.
Max CVSS
4.3
EPSS Score
0.22%
Published
2014-12-23
Updated
2017-01-03
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661.
Max CVSS
4.3
EPSS Score
0.19%
Published
2014-12-22
Updated
2017-01-03
Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-12-18
Updated
2023-08-11
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Prime Optical 10 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq80763.
Max CVSS
6.8
EPSS Score
0.36%
Published
2014-10-19
Updated
2015-09-10
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.
Max CVSS
4.3
EPSS Score
0.15%
Published
2014-10-10
Updated
2023-08-15
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597.
Max CVSS
4.3
EPSS Score
0.27%
Published
2014-10-31
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-10-31
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-10-31
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-10-31
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524.
Max CVSS
4.3
EPSS Score
0.25%
Published
2014-09-20
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-12-13
Updated
2014-12-16
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Manager (UCM) 9.1(2.10000.28) allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq68443.
Max CVSS
3.5
EPSS Score
0.14%
Published
2014-09-12
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-08-28
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620.
Max CVSS
4.3
EPSS Score
0.16%
Published
2014-07-29
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs CSCuh61711, CSCuh61720, CSCuh61723, CSCuh61726, CSCuh61727, CSCuh61731, and CSCuh61733.
Max CVSS
4.3
EPSS Score
0.13%
Published
2014-07-19
Updated
2017-01-12
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCup90060.
Max CVSS
4.3
EPSS Score
0.21%
Published
2014-07-26
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.
Max CVSS
4.3
EPSS Score
0.25%
Published
2014-07-10
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-07-09
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and earlier, and Content Security Management Appliance (SMA) 8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, as demonstrated by the date_range parameter to monitor/reports/overview on the IronPort ESA, aka Bug IDs CSCun07998, CSCun07844, and CSCun07888.
Max CVSS
4.3
EPSS Score
0.30%
Published
2014-06-10
Updated
2018-10-30
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189.
Max CVSS
4.3
EPSS Score
0.22%
Published
2014-05-26
Updated
2015-09-16
Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900.
Max CVSS
4.3
EPSS Score
0.13%
Published
2014-05-20
Updated
2016-09-07
Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033.
Max CVSS
4.3
EPSS Score
0.19%
Published
2014-05-20
Updated
2015-09-16
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-05-07
Updated
2015-08-13
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.
Max CVSS
4.3
EPSS Score
0.19%
Published
2014-04-02
Updated
2015-09-16
Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.
Max CVSS
4.3
EPSS Score
0.19%
Published
2014-03-19
Updated
2023-08-11
38 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!