Medium severity6.1NVD Advisory· Published Jan 26, 2016· Updated Jun 17, 2026
CVE-2016-1298
CVE-2016-1298
Description
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:cisco:unified_contact_center_express:10.0\(1\):*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:cisco:unified_contact_center_express:10.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_contact_center_express:10.5\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_contact_center_express:10.6\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_contact_center_express:11.0\(1\):*:*:*:*:*:*:*
- (no CPE)range: =10.0(1) || =10.5(1) || =10.6(1) || =11.0(1)
Patches
Vulnerability mechanics
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-uccenvdVendor Advisory
- www.securitytracker.com/id/1034828nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.