Arbitrary Code Injection Vulnerability in Cisco IP Phone 8800 Devices (Bug ID CSCuz03024)

Arbitrary Code Injection Vulnerability in Cisco IP Phone 8800 Devices (Bug ID CSCuz03024)

CVE-2016-1476 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024.

Learn more about our Cis Benchmark Audit For Cisco.