EUVD-2021-27302

Malware in sbrugna...

The vulnerability of the Cisco Webex Video Mesh media transfer software arises from the lack of protective measures taken for the website structure, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the Cisco Webex Video Mesh media transfer software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability in the web interface of the Cisco Webex Video Mesh software allows a attacker to redirect users to a malicious web page.

The vulnerability of the Cisco Webex Video Mesh software management web interface is related to the possibility of redirecting users to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to malicious web pages...

Cisco Webex Video Mesh Input Validation Error Vulnerability

Cisco Webex Video Mesh is a software from Cisco, U.S.A. Cisco Webex Video Mesh dynamically finds the best combination of local and cloud conferencing resources. When local resources are sufficient, local meetings stay local. When local resources are exhausted, the conference is expanded to the...

Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

Cisco Webex Video Mesh is a software from Cisco, U.S.A. Cisco Webex Video Mesh dynamically finds the best combination of local and cloud conferencing resources. When local resources are sufficient, local meetings stay local. When local resources are exhausted, the conference is expanded to the...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-1500

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-1500

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-1500

Cisco Webex Video Mesh suffers an input validation flaw in the web-based management interface that improperly validates URL parameters in HTTP requests. An unauthenticated, remote attacker could lure a user to click a crafted link and be redirected to a malicious site, enabling phishing scenarios...

CVE-2021-1500 Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-40115

CVE-2021-40115 — Cisco Webex Video Mesh XSS : A vulnerability in Cisco Webex Video Mesh arises from insufficient validation of user-supplied input in the web-based management interface, enabling an unauthenticated, remote attacker to lure a user into clicking a crafted link and execute arbitrary ...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

Cisco Webex Video Mesh 跨站脚本漏洞

Cisco Webex Video Mesh is a software from Cisco, U.S.A. Cisco Webex Video Mesh dynamically finds the best combination of local and cloud conferencing resources. When local resources are sufficient, local meetings stay local. When local resources are exhausted, the conference is expanded to the...

Cisco Webex Video Mesh 输入验证错误漏洞

Cisco Webex Video Mesh is a software from Cisco, U.S.A. Cisco Webex Video Mesh dynamically finds the best combination of local and cloud conferencing resources. When local resources are sufficient, local meetings stay local. When local resources are exhausted, the conference is expanded to the...

The vulnerability in the web interface of the Cisco Webex Video Mesh software allows a malicious actor to execute arbitrary commands.

The vulnerability of the Cisco Webex Video Mesh software control web interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...