Unrated severityNVD Advisory· Published Oct 13, 2008· Updated Jun 16, 2026
CVE-2008-4542
CVE-2008-4542
Description
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:cisco:unity:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:cisco:unity:*:*:*:*:*:*:*:*range: <=4.2\(1\)
- cpe:2.3:a:cisco:unity:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(3\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(3\):sr2:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(4\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(4\):sr1:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(5\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:7.0:*:*:*:*:*:*:*
- (no CPE)range: <4.2(1)ES162, <5.0(1)ES56, <7.0(2)ES8
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/32207nvdVendor Advisory
- www.cisco.com/en/US/products/products_security_response09186a0080a0d861.htmlnvdVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/bid/31642nvd
- www.voipshield.com/research-details.phpnvd
- www.vupen.com/english/advisories/2008/2771nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45744nvd
News mentions
0No linked articles in our index yet.