A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11.0 versions prior to 11.0 SP1.
References
Link | Resource |
---|---|
https://downloads.avaya.com/css/P8/documents/101054317 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: avaya
Published: 2019-01-23T17:00:00
Updated: 2019-01-23T16:57:01
Reserved: 2018-08-21T00:00:00
Link: CVE-2018-15614
JSON object: View
NVD Information
Status : Modified
Published: 2019-01-23T17:29:00.397
Modified: 2019-10-09T23:35:46.063
Link: CVE-2018-15614
JSON object: View
Redhat Information
No data.
CWE