Unrated severityNVD Advisory· Published Oct 13, 2008· Updated Apr 23, 2026
CVE-2008-4542
CVE-2008-4542
Description
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).
Affected products
12cpe:2.3:a:cisco:unity:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:cisco:unity:*:*:*:*:*:*:*:*range: <=4.2\(1\)
- cpe:2.3:a:cisco:unity:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(3\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(3\):sr2:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(4\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(4\):sr1:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.0\(5\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:4.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity:7.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- secunia.com/advisories/32207nvdVendor Advisory
- www.cisco.com/en/US/products/products_security_response09186a0080a0d861.htmlnvdVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/bid/31642nvd
- www.voipshield.com/research-details.phpnvd
- www.vupen.com/english/advisories/2008/2771nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45744nvd
News mentions
0No linked articles in our index yet.