CVE-2015-0762

Name of the Vulnerable Software and Affected Versions Cisco Unified MeetingPlace versions 8.6(1.2) through 8.6(1.9)

Description A cross-site scripting (XSS) issue exists in the management interface, allowing remote attackers to inject arbitrary web script or HTML via a crafted value in a URL.

Recommendations For versions 8.6(1.2) through 8.6(1.9), consider restricting access to the management interface until a fix is available. As a temporary workaround, avoid using crafted URLs that could exploit this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.