Vulnerabilities > Cisco > Unified WEB AND E Mail Interaction Manager > 11.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-14 | CVE-2015-6416 | Cross-site Scripting vulnerability in Cisco Unified web and E-Mail Interaction Manager 11.0(1) Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479. | 4.3 |
2015-08-19 | CVE-2015-4298 | Improper Access Control vulnerability in Cisco Unified web and E-Mail Interaction Manager 11.0(1)/9.0(2) Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056. | 6.5 |