Cisco Unified Communications Manager : Security vulnerabilities, CVEs xss, cross site scripting published in 2015

CVE-2015-4272

Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page in Cisco Unified Communications Manager (formerly CallManager) 10.5(2.10000.5) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCut19580.

Max CVSS

4.3

EPSS Score

0.11%

Published

2015-07-14

Updated

2016-12-28

CVE-2015-4206

Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266.

Max CVSS

4.3

EPSS Score

0.14%

Published

2015-12-15

Updated

2016-12-07

2 vulnerabilities found

Cisco » Unified Communications Manager : Security Vulnerabilities, CVEs, Published In 2015 (XSS)

CVE-2015-4272

CVE-2015-4206