Vulnerabilities > Cisco > Enterprise Chat AND Email > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-27 | CVE-2022-20802 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2019-11-05 | CVE-2019-1877 | Improper Authentication vulnerability in Cisco Enterprise Chat and Email 11.6(1)Es9 A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. | 6.5 |
| 2019-06-05 | CVE-2019-1870 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email 11.6(1)/11.6(1)Es6 A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-03-11 | CVE-2019-1702 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email 11.6(1) Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |