mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
95 lines
8.3 KiB
Markdown
95 lines
8.3 KiB
Markdown
|
### [CVE-2024-20540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20540)
|
||
|
|
|
||
|
|
%20&color=brightgreen)
|
||
|
|
ES1%20&color=brightgreen)
|
||
|
|
ES10%20&color=brightgreen)
|
||
|
|
ES11%20&color=brightgreen)
|
||
|
|
ES12%20&color=brightgreen)
|
||
|
|
ES13%20&color=brightgreen)
|
||
|
|
ES2%20&color=brightgreen)
|
||
|
|
ES3%20&color=brightgreen)
|
||
|
|
ES4%20&color=brightgreen)
|
||
|
|
ES5%20&color=brightgreen)
|
||
|
|
ES6%20&color=brightgreen)
|
||
|
|
ES7%20&color=brightgreen)
|
||
|
|
ES8%20&color=brightgreen)
|
||
|
|
ES9%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
ES1%20&color=brightgreen)
|
||
|
|
ES2%20&color=brightgreen)
|
||
|
|
ES3%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
ES1%20&color=brightgreen)
|
||
|
|
ES2%20&color=brightgreen)
|
||
|
|
ES3%20&color=brightgreen)
|
||
|
|
ES4%20&color=brightgreen)
|
||
|
|
ES5%20&color=brightgreen)
|
||
|
|
ES6%20&color=brightgreen)
|
||
|
|
ES7%20&color=brightgreen)
|
||
|
|
ES8%20&color=brightgreen)
|
||
|
|
ES9%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
ES1%20&color=brightgreen)
|
||
|
|
ES2%20&color=brightgreen)
|
||
|
|
_ES10%20&color=brightgreen)
|
||
|
|
_ES11%20&color=brightgreen)
|
||
|
|
_ES12%20&color=brightgreen)
|
||
|
|
_ES13%20&color=brightgreen)
|
||
|
|
_ES14%20&color=brightgreen)
|
||
|
|
_ES15%20&color=brightgreen)
|
||
|
|
_ES16%20&color=brightgreen)
|
||
|
|
_ES17%20&color=brightgreen)
|
||
|
|
_ES3%20&color=brightgreen)
|
||
|
|
_ES4%20&color=brightgreen)
|
||
|
|
_ES5%20&color=brightgreen)
|
||
|
|
_ES6%20&color=brightgreen)
|
||
|
|
_ES7%20&color=brightgreen)
|
||
|
|
_ES9%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
_ES1%20&color=brightgreen)
|
||
|
|
_ES2%20&color=brightgreen)
|
||
|
|
_ES3%20&color=brightgreen)
|
||
|
|
_ES4%20&color=brightgreen)
|
||
|
|
_ES5%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
_ES1%20&color=brightgreen)
|
||
|
|
_ES10%20&color=brightgreen)
|
||
|
|
_ES11%20&color=brightgreen)
|
||
|
|
_ES12%20&color=brightgreen)
|
||
|
|
_ES2%20&color=brightgreen)
|
||
|
|
_ES3%20&color=brightgreen)
|
||
|
|
_ES4%20&color=brightgreen)
|
||
|
|
_ES5%20&color=brightgreen)
|
||
|
|
_ES6%20&color=brightgreen)
|
||
|
|
_ES7%20&color=brightgreen)
|
||
|
|
_ES8%20&color=brightgreen)
|
||
|
|
_ES9%20&color=brightgreen)
|
||
|
|
%20&color=brightgreen)
|
||
|
|
_ES1%20&color=brightgreen)
|
||
|
|
_ES10%20&color=brightgreen)
|
||
|
|
_ES11%20&color=brightgreen)
|
||
|
|
_ES12%20&color=brightgreen)
|
||
|
|
_ES13%20&color=brightgreen)
|
||
|
|
_ES2%20&color=brightgreen)
|
||
|
|
_ES3%20&color=brightgreen)
|
||
|
|
_ES4%20&color=brightgreen)
|
||
|
|
_ES5%20&color=brightgreen)
|
||
|
|
_ES6%20&color=brightgreen)
|
||
|
|
_ES7%20&color=brightgreen)
|
||
|
|
_ES8%20&color=brightgreen)
|
||
|
|
_ES9%20&color=brightgreen)
|
||
|
|
&color=brightgreen)
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a Supervisor role on an affected device.
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
No PoCs from references.
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||
|
|
|