CVE-2009-0743 Information

Description

Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field.

Reference

http://www.cisco.com/en/US/products/products_security_response09186a0080a7bc61.html http://www.securityfocus.com/archive/1/501251/30/0/threaded http://www.securityfocus.com/bid/33915 http://www.securitytracker.com/id?1021778 https://exchange.xforce.ibmcloud.com/vulnerabilities/48965