Security Advisory

CVE-2015-4294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-08-01 01:00:00

Last updated 2024-08-06 06:11:12

Assigner cisco

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.

← Browse all CVEs View on cve.org ↗