CVE-2007-1367 Information

Description

Cross-site scripting (XSS) vulnerability in the login page in Avaya Communications Manager (CM) S87XX S8500 and S8300 products before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Login field.

Reference

http://secunia.com/advisories/24397 http://support.avaya.com/elmodocs2/security/ASA-2007-064.htm http://www.osvdb.org/33297 http://www.securityfocus.com/bid/22866