Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References 3 Total
- securitytracker.com: 1027926 vdb-entry
- archives.neohapsis.com: 20121226 Polycom HDX Video End Points Web Management Cross Site Scripting (XSS) vulnerability mailing-list
- http://knowledgebase-iframe.polycom.com/kb/knowledgebase/End%20User/Tech%20Alerts/Video/15990_fHDX%20XSS%20Vulnerability%20-%20Security%20Bulletin%20101521.pdf
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- securitytracker.com: 1027926 vdb-entryx_transferred
- archives.neohapsis.com: 20121226 Polycom HDX Video End Points Web Management Cross Site Scripting (XSS) vulnerability mailing-listx_transferred
- http://knowledgebase-iframe.polycom.com/kb/knowledgebase/End%20User/Tech%20Alerts/Video/15990_fHDX%20XSS%20Vulnerability%20-%20Security%20Bulletin%20101521.pdf x_transferred