CVE-2014-3325

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs CSCuh61711, CSCuh61720, CSCuh61723, CSCuh61726, CSCuh61727, CSCuh61731, and CSCuh61733.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	MEDIUM
CVSS	4.3
EPSS	0.40% EPSS medium
CWE	CWE-79
KEV
Published	11 years ago
Modified	2 weeks ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Unified Customer Voice Portal (CVP)	Cisco-SA-20140729-CVE-2014-3325	structured affected CSAF product_status