CVE-2014-8030

Опубликовано: 09 янв. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remote attackers to inject arbitrary web script or HTML via the email parameter, aka Bug ID CSCuj40381.

Ссылки

http://secunia.com/advisories/62163
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8030
Vendor Advisory
http://www.securityfocus.com/bid/71945
http://www.securitytracker.com/id/1031517
https://exchange.xforce.ibmcloud.com/vulnerabilities/100574
http://secunia.com/advisories/62163
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8030
Vendor Advisory
http://www.securityfocus.com/bid/71945
http://www.securitytracker.com/id/1031517
https://exchange.xforce.ibmcloud.com/vulnerabilities/100574

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00329

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hq3j-wc98-8957

github

больше 3 лет назад