CVE-2020-7033

Summary

A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions before 9.1.10.

Affected Software

VendorProductVersion RangeStatus
AvayaAvaya Equinox Conferencing9.x < 9.1.10affected

Weaknesses

  • CWE-79: CWE-79 - Improper Neutralization of Input During Web Page Generation

ADP Enrichment

CVE Program Container

Additional References

References