A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11.0 versions prior to 11.0 SP1.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://downloads.avaya.com/css/P8/documents/101054317 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: avaya
Published: 2019-01-23T17:00:00
Updated: 2024-08-05T10:01:54.170Z
Reserved: 2018-08-21T00:00:00
Link: CVE-2018-15614
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-01-23T17:29:00.397
Modified: 2024-11-21T03:51:10.737
Link: CVE-2018-15614
Redhat
No data.