漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Vulnerability Description
A vulnerability in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Unified Contact Center Express (Unified CCX), and Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cisco多款产品 跨站脚本漏洞
Vulnerability Description
Cisco Finesse等都是美国思科(Cisco)公司的产品。Cisco Finesse是一套呼叫中心管理软件。Cisco Unified Contact Center Enterprise是一个统一联络中心。Cisco Packaged Contact Center Enterprise是一个客户接触中心系统。 Cisco多款产品存在跨站脚本漏洞,该漏洞源于基于Web的管理界面未充分验证用户输入,可能导致跨站脚本攻击。以下产品受到影响:Cisco Finesse、Cisco Packaged Con
CVSS Information
N/A
Vulnerability Type
N/A