A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Ĭisco has released software updates that address this vulnerability. An attacker could exploit this vulnerability by persuading a user to click a malicious link. This vulnerability is due to insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerability.ĭetails about the vulnerabilities are as follows:ĬVE-2023-20133: Cisco Webex Meetings Stored Cross-Site Scripting VulnerabilityĪ vulnerability in the web UI of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored XSS attack against a user. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. The vulnerabilities are not dependent on one another.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |