Cisco IM and Presence Service XSS Vulnerability (Bug ID CSCut41766)

Cisco IM and Presence Service XSS Vulnerability (Bug ID CSCut41766)

CVE-2015-4294 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.

Learn more about our Cis Benchmark Audit For Cisco.