We have our Kenna server performing scans every week and it found cross-site scripting on our VVX 400 phones. We have in the meantime performed firmware upgrade to 5.9.5 but the issue persists.
We also had the VVX 201 phones with the same issue, but after performing the firmware upgrade to 6.11, the issue disappeared.
Is there a timeframe when a new firmware for the VVX 400 is available to conteract this issue?
Hello @vifarrugia ,
Welcome to the Poly Community.
I have made our security department aware of this post but in order to properly troubleshoot and track this, it would need to come into support.
In order to raise a support ticket, you need to work with your Poly reseller as they may need to do this for you.
End Customers are usually unable to open a ticket directly with Poly support.
If this is some sort of an Internet discounter providing your MAC address or your Poly devices serial will enable us to look up who would be able to support you. This may not be who you purchased the Poly device from.
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.