Lucene search
RootSSV:62039HistoryApr 02, 2014 - 12:00 a.m.
Cisco Unity Connection Web Inbox跨站脚本漏洞
2014-04-0200:00:00
Root
www.seebug.org
11
EPSS
0.002
Percentile
56.7%
CVE ID:CVE-2014-2125
Cisco Unity Connection是运行在Linux-based Cisco Unified Communications操作系统上的功能强大的语音消息通讯平台。
由于某些关于网页收件箱的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML 和脚本代码。
0
Cisco Unity Connection 8.x
目前厂商已经发布了升级补丁以修复漏洞,请下载使用:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2125
Related
prion
prion
Cross site scripting
2014-04-02 03:58:00
cvelist
cvelist
CVE-2014-2125
2014-04-02 01:00:00
nvd
nvd
CVE-2014-2125
2014-04-02 03:58:17
cisco
cisco
Cisco Unity Connection Cross-Site Scripting Vulnerability
2014-04-01 18:55:42
cve
cve
CVE-2014-2125
2014-04-02 03:58:17