CNNVD-202510-044 Information
CNNVD ID
CNNVD-202510-044
Related CVE
- CNNVD Published: 2025-10-01
Description (Chinese)
Cisco Unified Communications Manager是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。 Cisco Unified Communications Manager存在跨站脚本漏洞,该漏洞源于基于Web的管理界面未正确验证用户输入,可能导致跨站脚本攻击。
Description (English)
Cisco United Communications Manager is a call-processing component of a unified communications system of Cisco. The component provides an extended, distributed and highly usable enterprise IP call processing solution. Cisco United Communities Manager has a cross-site script loophole, which stems from the fact that Web-based management interface does not correctly validate user input and may result in cross-site script attacks.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
思科
Published
2025-10-01
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-stored-xss-Fnj66YLy https://vigilance.fr/vulnerability/Cisco-Unified-Communications-Manager-Cross-Site-Scripting-via-Web-based-Management-Interface-48362