Vulnerabilities > Cisco > Finesse > 10.5.1.base
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-29 | CVE-2015-0754 | Improper Input Validation vulnerability in Cisco Finesse 10.5(1)Base Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810. | 7.5 |
2015-05-02 | CVE-2015-0714 | Cross-site Scripting vulnerability in Cisco Finesse Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595. | 4.3 |