Описание
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0 (включая)
Одно из
cpe:2.3:a:avaya:aura_conferencing:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp10:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp11:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp12:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp13:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00357
Низкий
5.9 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.
EPSS
Процентиль: 57%
0.00357
Низкий
5.9 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-79
CWE-79