Avaya · Ip Office Application Server · CVE-2019-7004
**Name of the Vulnerable Software and Affected Versions**
IP Office Application Server versions 11.x
**Description**
A Cross-Site Scripting (XSS) issue in the WebUI component could allow unauthorized code execution and potentially disclose sensitive information.
**Recommendations**
For versions 11.x, update to a version that includes the fix for this issue, as all versions within this range are affected.