CVE-2014-2104

Cisco Unified Communications Domain Manager 9.0 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113.

References (3)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2104

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=33111

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/65869

Scores

EPSS 0.0032

EPSS Percentile 55.0%

Details

CWE

CWE-79

Status published

Products (2)

cisco/unified_communications_domain_manager

n/a/n/a

Published Mar 02, 2014

Tracked Since Feb 18, 2026