Vulnerability Details CVE-2014-8026
Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8026
- http://www.securityfocus.com/bid/71769
- http://www.securitytracker.com/id/1031422
- https://tools.cisco.com/security/center/viewAlert.x?alertId=36872
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8026
- http://www.securityfocus.com/bid/71769
- http://www.securitytracker.com/id/1031422
- https://tools.cisco.com/security/center/viewAlert.x?alertId=36872
Products affected by CVE-2014-8026
-
cpe:2.3:a:cisco:jabber_guest:-
-
cpe:2.3:a:cisco:jabber_guest:10.0.0
-
cpe:2.3:a:cisco:jabber_guest:10.0.2
-
cpe:2.3:a:cisco:jabber_guest:10.5.0
-
cpe:2.3:a:cisco:jabber_guest:10.6.10
-
cpe:2.3:a:cisco:jabber_guest:10.6.11
-
cpe:2.3:a:cisco:jabber_guest:10.6.12
-
cpe:2.3:a:cisco:jabber_guest:10.6.8
-
cpe:2.3:a:cisco:jabber_guest:10.6.9
-
cpe:2.3:a:cisco:jabber_guest:11.0.0
-
cpe:2.3:a:cisco:jabber_guest:11.1(0)
-
cpe:2.3:a:cisco:jabber_guest:11.1(2)