A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.
References
Link | Resource |
---|---|
https://downloads.avaya.com/css/P8/documents/101060208 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-07-31 15:15
Updated : 2023-01-31 13:05
NVD link : CVE-2019-7000
Mitre link : CVE-2019-7000
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
avaya
- aura_conferencing