The vulnerability in the software web interface for Cisco Webex Meetings allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of Cisco Webex Meetings software’s web interface is related to the lack of measures taken to protect the website structure during the processing of Webex Events classic applications. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks a...

Cisco Webex Meetings Cross-Site Scripting Vulnerability (CNVD-2023-62934)

Cisco Webex Meetings is a set of video conferencing solutions from Cisco USA. Cisco Webex Meetings suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...

CVE-2023-20133

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...

CVE-2023-20180

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attack...

CVE-2023-20133

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...

CVE-2023-20180

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attack...

Cross site scripting

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...

Cross site request forgery (csrf)

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attack...

CVE-2023-20180

CVE-2023-20180 concerns Cisco Webex Meetings web UI CSRF. The issue arises from insufficient CSRF protections in the web interface, enabling an unauthenticated, remote attacker to coax a user into clicking a malicious link and perform arbitrary actions (e.g., joining meetings, scheduling training...

CVE-2023-20180

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attack...

CVE-2023-20133

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...

CVE-2023-20133

Cisco Webex Meetings web UI contains a stored XSS vulnerability due to insufficient input validation in Webex Events (classic) programs, email templates, and survey questions. An authenticated, remote attacker could lure a user to click a malicious link, allowing script execution within the affec...

CVE-2023-20133

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...

Cisco Webex Meetings 跨站请求伪造漏洞

Cisco Webex Meetings is a video conferencing solution from Cisco. A security vulnerability exists in Cisco Webex Meetings, which stems from a cross-site request forgery vulnerability that allows an attacker to perform arbitrary actions in the affected interface using the privileges of the target...

Cisco Webex Meetings 跨站脚本漏洞

Cisco Webex Meetings is a set of video conferencing solutions from Cisco USA. Cisco Webex Meetings suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...

Cisco Webex Meetings Web UI Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco Webex Meetings could allow a remote attacker to conduct stored cross-site scripting XSS or cross-site request forgery CSRF attacks. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...

PT-2023-3544 · Cisco · Cisco Webex Meetings

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings affected versions not specified Description: A vulnerability in the web interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This is due to...

The vulnerability in the software web interface for Cisco Webex Meetings allows a perpetrator to upload arbitrary files.

The vulnerability of Cisco Webex Meetings software’s web interface is related to insufficient verification of data entered by users. Exploiting this vulnerability allows a malicious actor to upload arbitrary files by sending a specially created HTML request...

The vulnerability in the software web interface for Cisco Webex Meetings allows attackers to perform cross-site scripting attacks.

The vulnerability of Cisco Webex Meetings software’s web interface is related to insufficient verification of data entered by users during a web seminar session. Exploiting this vulnerability allows a malicious actor to carry out cross-site scripting attacks using a specially created malicious li...

Cisco Webex Network Recording Player (cisco-sa-webex-player-rCFDeVj2)

The version of Cisco Webex Network Recording Player and Cisco Webex Player installed on the remote host is affected by a memory corruption vulnerability due to insufficient validation of Webex recording files formatted as either Advanced Recording Format ARF or Webex Recording Format WRF. An...