Adrian Von Arx

**Name of the Vulnerable Software and Affected Versions** Avaya Equinox Conferencing versions 9.x before 9.1.10 **Description** A Cross Site Scripting (XSS) vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. **Recommendations** For versions 9.x before 9.1.10, update to version 9.1.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the Unified Portal Client (web client) until a patch is applied.