CVE-2009-0743

low Cisco
CVSS v3 Base Score
3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS Score
0.2%
Exploitation probability in 30 days
Top 54% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
P
Availability
None
Published: February 27, 2009 (6284 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field.

CWE

CWE-79

Affected Products

cisco unified meetingplace

References

🔗 www.cisco.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 exchange.xforce.ibmcloud.com