Preview Tool

Cisco Bug: CSCtd69750 - Input validation insufficient for meeting template values

Last Modified

Feb 02, 2017

Products (3)

  • Cisco Unified MeetingPlace
  • Cisco Security Agent for Cisco Unified MeetingPlace
  • Cisco Unified MeetingPlace Web Conferencing

Known Affected Releases


Description (partial)

 Changes in the meeting template (TPL) values may be reflected back to the user
on an error page. 
 Changes to the TPL values will not occur under normal circumstances, They may
be changed as part of a security audit, test tools, or cross site scripting XSS
attack. The return of the values may cause certian test tools to flag
Meetingplace pages as vulnerable to XSS attacks. It is unlikely modern broswers
would actually execute any scripts.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.