CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2007-5581
https://notcve.org/view.php?id=CVE-2007-5581
Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName and (2) LastName parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en mpweb/scripts/mpx.dll de Cisco Unified MeetingPlace 5.4 y anteriores y 6.0 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de los parámetros (1) FirstName y (2) LastName. • http://secunia.com/advisories/26462 http://securitytracker.com/id?1018904 http://www.cisco.com/warp/public/707/cisco-sr-20071107-mp.shtml http://www.securityfocus.com/bid/26364 http://www.vupen.com/english/advisories/2007/3772 https://exchange.xforce.ibmcloud.com/vulnerabilities/38298 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •