CVE-2014-2193 Information

Description

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests which allows remote attackers to inject conversation text by obtaining a valid identifier aka Bug ID CSCuj43084.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2193