Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the web-based management interface of Cisco BroadWorks Application Delivery Platform. This issue allows an unauthenticated, remote attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. The vulnerability arises because the interface fails to properly validate user-supplied input. An attacker could exploit this by persuading a user to click a crafted link.

Impact

Successful exploitation results in cross-site scripting: the attacker's script executes in the context of the user's session.

Remediation

Cisco has released patches for this vulnerability. Users can upgrade to version 24_2025.01_1.310 of the BroadWorks Call Center or Receptionist applications. For BroadWorks version 25.0, users should migrate to a fixed release. Instructions for upgrading can be found on the Cisco Security Advisories page.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 3.1
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.