A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. More Information: CSCva47092. Known Affected Releases: 4.10(1).
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics1