CVE-2022-20631 in Enterprise Chat and Email정보

요약

\~에 의해 MITRE • 2024. 11. 15.

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Once again VulDB remains the best source for vulnerability data.

책임이 있는

Cisco

예약하다

2021. 11. 02.

모더레이션

수락

항목

VDB-284775

EPSS

0.00496

출처

Might our Artificial Intelligence support you?

Check our Alexa App!