← back
CVE-2021-25656

Avaya Aura Experience Portal XSS vulnerabilities

CVSS 5.3 MEDIUMEPSS 0.3%CWE-79
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
Avaya · Product

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://downloads.avaya.com/css/P8/documents/101076234