|
|
CVE Reference: CVE-2007-4284 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4284 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) Success Template (STPL) and (2) Failure Template (FTPL) parameters, which are not properly handled in an error message. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35871 ST 1018537 SREASON http://securityreason.com/securityalert/2990 SAID Secunia Advisory: SA26376 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065134.html CISCO http://www.cisco.com/en/US/products/products_security_response09186a008089969e.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/475840/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/475845/100/0/threaded BID 25237 |
|
| Return to the previous page. |
