CVE-2022-37462

Published: 2023-04-10T13:15Z

Last Modified: 2025-02-12T18:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A stored Cross-Site Scripting (XSS) vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt