XSS in Cisco Emergency_responder
CVE-2015-6400
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug ID CSCuv25547.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (49.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Emergency_responder — versions 10.5\(1a\)
- N/a — versions n/a
Weakness classification (CWE)
References
- 20151210 Cisco Emergency Responder Web Framework Cross-Site Scripting Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 78878 (vdb-entry, x_refsource_BID)