Vulnerabilities > Cisco > Spark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-12269 | Cross-site Scripting vulnerability in Cisco Spark A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. | 5.4 |
| 2016-02-12 | CVE-2016-1324 | Permissions, Privileges, and Access Controls vulnerability in Cisco Spark 201506Base The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125. | 5.3 |
| 2016-02-12 | CVE-2016-1323 | Information Exposure vulnerability in Cisco Spark 201506Base The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive information via a request for an unspecified file, aka Bug ID CSCuv84048. | 4.3 |