Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName and (2) LastName parameters.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-11-07 18:46
Updated : 2017-07-28 18:33
NVD link : CVE-2007-5581
Mitre link : CVE-2007-5581
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cisco
- unified_meetingplace