CVE-2015-4294
Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.
Date published : 2015-07-31
http://tools.cisco.com/security/center/viewAlert.x?alertId=40217