CVE-2017-6762

Name of the Vulnerable Software and Affected Versions Cisco Jabber Guest Server versions 10.6(9) through 11.0(1)

Description The issue is related to insufficient validation of user-supplied input by the web-based management interface, which could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the execution of arbitrary script code or access to sensitive browser-based information.

Recommendations For versions 10.6(9) through 11.0(1), consider restricting access to the web-based management interface until a fix is available. As a temporary workaround, avoid clicking on crafted links from untrusted sources to minimize the risk of exploitation.