CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12756 – Avaya Spaces HTML injection (HTMLi) Vulnerability
https://notcve.org/view.php?id=CVE-2024-12756
11 Feb 2025 — An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user. • https://support.avaya.com/css/public/documents/101091836 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12755 – Avaya Spaces XSS Vulnerability
https://notcve.org/view.php?id=CVE-2024-12755
11 Feb 2025 — A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unauthorized code execution and potential disclose of sensitive information. • https://support.avaya.com/css/public/documents/101091836 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •