Security Advisory

CVE-2014-3428

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-06-16 18:00:00

Last updated 2024-08-06 10:43:05

Assigner mitre

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet.

← Browse all CVEs View on cve.org ↗