CVE-2009-2048 Information

Description

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.

Reference

http://osvdb.org/55937 http://secunia.com/advisories/35861 http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml http://www.securityfocus.com/bid/35705 http://www.securitytracker.com/id?1022569 http://www.vupen.com/english/advisories/2009/1913 https://exchange.xforce.ibmcloud.com/vulnerabilities/51730