Kwetsbaarheid CVE-2018-0483

A Vulnerability In Cisco Jabber Client Framework (JCF) Could Allow An Authenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of An Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input Of An Affected Client. An Attacker Could Exploit This Vulnerability By Executing Arbitrary JavaScript In The Jabber Client Of The Recipient. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Targeted Client Or Allow The Attacker To Access Sensitive Client-based Information.

Algemeen

CVE
CVE-2018-0483
Leverancier(s) betrokken
Omschrijving
A Vulnerability In Cisco Jabber Client Framework (JCF) Could Allow An Authenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of An Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input Of An Affected Client. An Attacker Could Exploit This Vulnerability By Executing Arbitrary JavaScript In The Jabber Client Of The Recipient. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Targeted Client Or Allow The Attacker To Access Sensitive Client-based Information.
Publicatie
Donderdag, 10 Januari 2019
Gewijzigd
Vrijdag, 11 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE