Gigabit Color IP Phone SIP T38G

DATE	CVE	VULNERABILITY TITLE	RISK
2014-09-17	CVE-2012-1417	Cross-Site Scripting vulnerability in Yealink products Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com. network yealink CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.