CVE-2016-1311: XSS
First published: Sat Feb 06 2016(Updated: )
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Jabber | =10.6.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-1311?
CVE-2016-1311 is classified as a medium-severity vulnerability.
How do I fix CVE-2016-1311?
To fix CVE-2016-1311, apply the security patches provided by Cisco for Jabber Guest Server 10.6(8).
What type of attack does CVE-2016-1311 enable?
CVE-2016-1311 enables remote attackers to perform Cross-Site Scripting (XSS) attacks.
Which software is affected by CVE-2016-1311?
CVE-2016-1311 affects Cisco Jabber Guest Server version 10.6(8).
Can CVE-2016-1311 be exploited remotely?
Yes, CVE-2016-1311 can be exploited remotely due to the nature of the XSS vulnerability.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco jabber
- version/cisco jabber/10.6.8