CVE-2017-3872
published 2017-03-17CVE-2017-3872: A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device. More Information: CSCvc21620. Known Affected Releases: 10.5(2.14076.1). Known Fixed Releases: 12.0(0.98000.641) 12.0(0.98000.500) 12.0(0.98000.219).
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |