PT-2016-4701 · Cisco · Cisco Jabber Guest Server
Publicado
2016-02-06
·
Atualizado
2016-12-06
·
CVE-2016-1311
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Jabber Guest Server version 10.6(8)
Description
A cross-site scripting (XSS) issue exists in the management interface, allowing remote attackers to inject arbitrary web script or HTML via the
host tag parameter.Recommendations
For Cisco Jabber Guest Server version 10.6(8), consider restricting access to the management interface until a fix is available. As a temporary workaround, avoid using the
host tag parameter in the management interface to minimize the risk of exploitation.Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Jabber Guest Server