SQL Injection in Cisco Unified_presence_server

CVE-2013-6983

SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.

Vulnerability class: SQL Injection

EPSS: 0.007 (71.3th percentile) — read the EPSS interpretation.