CVE-2014-3373 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters aka Bug ID CSCup92550.

Reference

http://secunia.com/advisories/59692 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3373 http://tools.cisco.com/security/center/viewAlert.x?alertId=36294 http://www.securityfocus.com/bid/70848 http://www.securitytracker.com/id/1031161 https://exchange.xforce.ibmcloud.com/vulnerabilities/98406