Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.
http://www.securitytracker.com/id/1032222
http://tools.cisco.com/security/center/viewAlert.x?alertId=38607