The host is installed with Cisco Jabber version 11.9 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle embedding media in instant messages. Successful exploitation allow remote attackers to conduct a cross-site scripting (xss) attack.