Computer Security
[EN] securityvulns.ru no-pyccku


Yealink VOIP Phone crossite sceripting
Published:18.03.2012
Source:
SecurityVulns ID:12260
Type:local
Threat Level:
3/10
Description:Crossite scripting in address book
CVE:CVE-2012-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.)
Original documentdocumentNarendra Shinde, Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417] (18.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod