CVE-2015-4272 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page in Cisco Unified Communications Manager (formerly CallManager) 10.5(2.10000.5) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter aka Bug ID CSCut19580.

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=39905 http://www.securitytracker.com/id/1032888