| Vulnerability Name: | CVE-2013-1123 (CCN-81986) | ||||||||
| Assigned: | 2013-02-07 | ||||||||
| Published: | 2013-02-07 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSCue18706. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-1123 Source: OSVDB Type: UNKNOWN 90075 Source: CCN Type: SA52109 Cisco Unified MeetingPlace Unspecified Cross-Site Scripting Vulnerability Source: SECUNIA Type: Vendor Advisory 52109 Source: CCN Type: Cisco Security Notice Cisco Unified MeetingPlace Server Cross-Site Scripting Vulnerability Source: CISCO Type: Vendor Advisory 20130207 Cisco Unified MeetingPlace Server Cross-Site Scripting Vulnerability Source: CONFIRM Type: Vendor Advisory http://tools.cisco.com/security/center/viewAlert.x?alertId=28228 Source: BID Type: UNKNOWN 57885 Source: CCN Type: BID-57885 Cisco Unified MeetingPlace CVE-2013-1123 Unspecified Cross Site Scripting Vulnerability Source: XF Type: UNKNOWN cisco-meetingplace-unspec-xss(81986) Source: XF Type: UNKNOWN cisco-meetingplace-unspec-xss(81986) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||