CVE-2007-4284

CVE Database · CVE-2007-4284

CVE-2007-4284

· N/AModified

CVSS v3.1

N/A

EPSS

1.57%

Published

Aug 9, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) Success Template (STPL) and (2) Failure Template (FTPL) parameters, which are not properly handled in an error message.

Affected Products (1)

cisco · meetingplace_web_confrencingvulnerable

References (20)

http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065134.html

http://secunia.com/advisories/26376

http://securityreason.com/securityalert/2990

http://www.cisco.com/en/US/products/products_security_response09186a008089969e.html

http://www.securityfocus.com/archive/1/475840/100/0/threaded

http://www.securityfocus.com/archive/1/475845/100/0/threaded

http://www.securityfocus.com/bid/25237

http://www.securitytracker.com/id?1018537

http://www.vupen.com/english/advisories/2007/2815

https://exchange.xforce.ibmcloud.com/vulnerabilities/35871

http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065134.html

KEV Catalog EPSS Scores Vendors All CVEs