Vulnslist

Cisco product, release, and evidence lookup

CVE-2016-1298

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.

SeverityMEDIUM
CVSS6.1
EPSS0.23% EPSS low
CWECWE-79
KEV
Published
Modified

Public Affected Products

Product Advisory Evidence
Cisco Unified Contact Center Express cisco-sa-20160125-ucce Cisco CSAF ยท structured affected