{"uuid": "5a72bb1a-5d09-4d0f-b2d2-18f41a9c317a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20305", "type": "seen", "source": "https://t.me/arpsyndicate/3279", "content": "#ExploitObserverAlert\n\nCVE-2024-20305\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-20305. A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.", "creation_timestamp": "2024-01-28T11:25:01.000000Z"}