SLICAN WebCTI is a telephony application. SLICAN WebCTI version 1.01 2015 contains a cross-site scripting vulnerability that can be exploited by attackers to steal a userβs session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of the userβs credentials.