Vulnerabilities > Avaya > IP Office Application Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-12 CVE-2019-7004 Cross-site Scripting vulnerability in Avaya IP Office Application Server 11.0/11.0.4.0
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information.
network
low complexity
avaya CWE-79
5.4
5.4