Vulnerabilities > Cisco > Broadworks Application Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-20204 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. | 5.4 |
| 2023-01-20 | CVE-2023-20019 | Cross-site Scripting vulnerability in Cisco Broadworks Xtended Services Platform A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. | 6.1 |
| 2021-07-08 | CVE-2021-1562 | Improper Input Validation vulnerability in Cisco Broadworks Application Server A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. | 4.3 |