Lucene search
CiscoCVELIST:CVE-2018-0444HistoryOct 05, 2018 - 2:00 p.m.
CVE-2018-0444 Cisco Packaged Contact Center Enterprise Cross-Site Scripting Vulnerability
2018-10-0514:00:00
CWE-352
cisco
www.cve.org
2
A vulnerability in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a stored XSS attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a customized link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.
CNA Affected
[
{
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]Related
nvd
nvd
CVE-2018-0444
2018-10-05 14:29:02
cve
cve
CVE-2018-0444
2018-10-05 14:29:02
prion
prion
Input validation
2018-10-05 14:29:00
cisco
cisco
Multiple Vulnerabilities in Cisco Packaged Contact Center Enterprise
2018-09-05 16:00:00