CVE-2015-4310

Name of the Vulnerable Software and Affected Versions Cisco Finesse version 10.5(1)

Description The issue allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a GET or POST request.

Recommendations For Cisco Finesse version 10.5(1), update to a version that fixes the issue, as the current version allows for the injection of arbitrary web script or HTML, posing a significant risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.