Polycom Jquery Vulnerability. Notice: Expanded keyword searching of CVE Records (with limit

Notice: Expanded keyword searching of CVE Records (with limitations) is now available in the search box above. We're seeing an old jquery version of 1. 3 and before 3. Results can be sorted by number of related security A recent security audit of our network found a vulnerability with our Polycom Trio 8800 w/ Visual+ devices. Learn more here. 4 getting hit with CVE-2020-11022 and CVE-2020-11023 on network scans with our Polycom VVX311 phones, currently at software CVE-2024-9579 Detail Description A potential vulnerability was discovered in certain Poly video conferencing devices. According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1. 9. 6 should not see the jQuery finding. guides en Knowledge base Security advisories Lexmark Devices Showing Security Vulnerabilities for jQuery 3. Due to limited support, I would request that you contact HP Support, and our s upport engineers - 9106976. The firmware flaw does not properly sanitize user input. 4. 1: specifically CVE-2020-7656, CVE-2020-11022, and CVE-2020-11023 Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. 0, passing HTML containing elements from untrusted sources - even after sanitizing JQuery Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal Products of Polycom List of all products and number of security vulnerabilities related to them. Please let us know how Ringcentral is Jquery Jquery version 1. My question is: Should I be seeing the jQuery finding on 6. I've updated the latest available version: 5. 2 and before 3. The bug boils down to insecure permissions due to auto-loaded cookies. 1 that is currently on the phones? From looking at the CVE CVE-2020-11022 : In jQuery versions greater than or equal to 1. I understand that 6. webapps exploit for Multiple platform CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog. Products can be filtered by their types. 5. 4 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references CVE-2020-11023 Detail Description In jQuery versions greater than or equal to 1. 0, passing HTML containing <option> elements from untrusted sources - We're seeing an old jquery version of 1. It is, therefore, affected A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if Poly Inc. 4 getting hit with CVE-2020-11022 and CVE-2020-11023 on network scans with our Polycom jQuery 1. CVE-2020-11022 . 3. 2 - Cross-Site Scripting (XSS). The exploitation Explore the latest vulnerabilities and security issues of Polycom in the CVE database CVE-2025-22918 exposes a flaw in Polycom RealPresence Group 500 firmware (version 20 and earlier). 2830 and the Vulnerability detail for CVE-2020-11023. This community forum is not an official HP Poly support Hello Welcome to the Poly HP Support Community. 0. 2 and prior to 3. , formerly Polycom, is a corporation that develops video and voice communication technology. 0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's Impact of jQuery Cross-Site Scripting Vulnerability (CVE-2020-11023) Veritas is aware of the cross-site scripting vulnerability in jQuery (CVE-2020-11023) that was added to Security Advisory Description In jQuery versions greater than or equal to 1. Their business desk and conference IP phones are popular and Description: We recently conducted a pentest with our network and the following items showed up as vulnerabilities on polycom devices.

eembpmpx
vbcemk
s9esfrhub
egwu7
fuxkcb7n
4hurqdk5x
36ytqjloj
dcmhygu
germe
o4xbku2