Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Unified MeetingPlace 跨站脚本攻击漏洞
Vulnerability Description
Cisco Unified MeetingPlace是美国思科(Cisco)公司的一套多媒体会议解决方案。该方案提供了将语音、视频和Web会议集成在一起的用户环境。 Unified MeetingPlace允许用户修改自己的帐号设置,如名称、电话分机、邮件地址等。如果用户在配置文件页面设置了特制的E-mail Address字段的话,则其他用户在查看该用户的配置文件或该用户所创建会议的详细信息时就会导致跨站脚本攻击,在浏览器会话中执行所嵌入的恶意代码。
CVSS Information
N/A
Vulnerability Type
N/A