Lucene search
PRIOn knowledge basePRION:CVE-2023-20104HistoryMar 03, 2023 - 4:15 p.m.
Cross site scripting
2023-03-0316:15:00
PRIOn knowledge base
www.prio-n.com
2
vulnerability
cisco webex
file upload
remote attacker
cross-site scripting
user interface
validation
arbitrary file
url
exploit
script code
sensitive information
0.001 Low
EPSS
Percentile
45.7%
A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending an arbitrary file to a user and persuading that user to browse to a specific URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Related
cvelist
cvelist
CVE-2023-20104 Cisco Webex App for Web Cross-Site Scripting Vulnerability
2023-03-03 00:00:00
nvd
nvd
CVE-2023-20104
2023-03-03 16:15:10
cisco
cisco
Cisco Webex App for Web Cross-Site Scripting Vulnerability
2023-03-01 16:00:00
cve
cve
CVE-2023-20104
2023-03-03 16:15:10