Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Unified Contact Center Express multiple security vulnerabilities
Published:16.07.2009
Source:
SecurityVulns ID:10076
Type:remote
Threat Level:
5/10
Description:Directory traversal and crossite scripting via administration page.
CVE:CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.)
 CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.)
Original documentdocumentCISCO, Cisco Security Advisory: Vulnerabilities in Unified Contact Center Express Administration Pages (16.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod