A remote authenticated user can gain elevated privileges on the target system.
Cisco Digital Media Manager: Version(s) 5.22 and prior, 5.2.3
The system does not properly validate unreferenced URLs.
Cisco Show and Share is not directly affected by this vulnerability, but a user can exploit the Cisco Digital Media Manager to gain full access to Cisco Show and Share.
A remote authenticated user can send a specially crafted URL via TCP port 8443 to access administrative resources and gain administrative privileges.