Security Advisory

CVE-2022-37462

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-10 00:00:00

Last updated 2025-02-12 17:22:15

Assigner mitre

State PUBLISHED

Description

A stored Cross-Site Scripting (XSS) vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details.

← Browse all CVEs View on cve.org ↗