Cisco Unified Contact Center Express 12.5(1) SU2 ES05

CPE Details

Cisco Unified Contact Center Express 12.5(1) SU2 ES05
cisco
unified_contact_center_express
12.5\(1\)_su2_es05
2023-01-30
17h44 +00:00
2023-03-03
14h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:unified_contact_center_express:12.5\(1\)_su2_es05:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

unified_contact_center_express

Version

12.5\(1\)_su2_es05

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20096 2023-04-04 22h00 +00:00 A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by entering crafted text into various input fields within the web-based management interface. A successful exploit could allow the attacker to perform a stored XSS attack, which could allow the execution of scripts within the context of other users of the interface.
5.4
Medium
CVE-2021-1463 2021-04-08 04h06 +00:00 A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
6.1
Medium