Vulnerabilities > Cisco > Virtualized Voice Browser > 12.5.1

DATE CVE VULNERABILITY TITLE RISK
2024-01-26 CVE-2024-20253 Deserialization of Untrusted Data vulnerability in Cisco products
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-502
critical
 10.0
10
2021-07-08 CVE-2021-1575 Cross-site Scripting vulnerability in Cisco Virtualized Voice Browser 11.6/11.6(1)/12.5(1)
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1