Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766.Referenceshttp://www.securitytracker.com/id/1035012http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-er
