XSS in Cisco Telepresence_video_communication_servers
CVE-2011-3294
Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (49.2th percentile) — read the EPSS interpretation.
Affected products
- Cisco Telepresence_video_communication_servers
- Cisco Telepresence_video_communication_servers_software — versions x5.2, x6.0
- N/a — versions n/a
Weakness classification (CWE)
References
- 50084 (vdb-entry, x_refsource_BID)
- cisco-telepresence-useragent-xss(70563) (vdb-entry, x_refsource_XF)
- 1026186 (vdb-entry, x_refsource_SECTRACK)
- 20111012 Cisco TelePresence Video Communication Server Cross-Site Scripting Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)