Weakness Name | Source | |
---|---|---|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Metrics | Score | Severity | CVSS Vector | Source |
---|---|---|---|---|
V2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:P/A:N | [email protected] |
Cisco>>Unified_communications_manager >> Version 4.2.3sr2
Cisco>>Unified_communications_manager >> Version 4.2.3sr2b
Cisco>>Call_manager >> Version 3.3\(5\)sr1
Cisco>>Call_manager >> Version 3.3\(5\)sr2
Cisco>>Call_manager >> Version 3.3\(5\)sr2a
Cisco>>Call_manager >> Version 4.1
Cisco>>Call_manager >> Version 4.1\(3\)sr1
Cisco>>Call_manager >> Version 4.1\(3\)sr2
Cisco>>Call_manager >> Version 4.1\(3\)sr3
Cisco>>Call_manager >> Version 4.1\(3\)sr4
Cisco>>Call_manager >> Version 4.2
Cisco>>Call_manager >> Version 4.2\(1\)
Cisco>>Call_manager >> Version 4.2\(2\)
Cisco>>Call_manager >> Version 4.2\(3\)
Cisco>>Call_manager >> Version 4.2\(3\)sr1
Cisco>>Call_manager >> Version 4.2\(3\)sr2
Cisco>>Call_manager >> Version 4.3
Cisco>>Call_manager >> Version 4.3\(1\)
Cisco>>Call_manager >> Version 4.3\(1\)sr1