CVE-2014-3313

Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.

Severity	MEDIUM
CVSS	4.3
CWE	CWE-79
KEV
Published	11 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Cisco Small Business SPA500 Series IP Phones	Cisco-SA-20140709-CVE-2014-3313	Cisco OpenVuln
Cisco Small Business SPA300 Series IP Phones	Cisco-SA-20140709-CVE-2014-3313	Cisco OpenVuln