Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Cisco Unified CCX 跨站脚本漏洞

Cisco Unified CCX是美国思科（Cisco）公司的一款联络中心软件。 Cisco Unified CCX存在跨站脚本漏洞，该漏洞源于用户输入清理不当，可能导致存储型跨站脚本攻击。

N/A

N/A