Vulnerabilities > Cisco > Finesse > 12.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-20404 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. | 5.3 |
| 2024-06-05 | CVE-2024-20405 | Cross-site Scripting vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. | 6.1 |