CVE-2018-15613

Summary

A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.

Affected Software

VendorProductVersion RangeStatus
AvayaOrchestration DesignerAll versions up to 7.2.1affected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)

ADP Enrichment

CVE Program Container

Additional References

References