Vulnerabilities > Cisco > Unified IP Contact Center Express > 6.0.1

DATE CVE VULNERABILITY TITLE RISK
2009-07-16 CVE-2009-2048 Cross-Site Scripting vulnerability in Cisco products
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
network
cisco CWE-79
3.5
3.5
2009-07-16 CVE-2009-2047 Path Traversal vulnerability in Cisco products
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
network
low complexity
cisco CWE-22
critical
 9.0
9.0