Lucene search
K
CiscoWebex Social

5 matches found

CVE
CVE
added 2013/02/06 11:0 a.m.41 views

CVE-2013-1107

The CVE-2013-1107 case concerns Cisco Webex Social (formerly Cisco Quad). The vulnerability is in the product’s search function, where remote authenticated users could read files via unspecified parameters (Bug ID CSCud40235). The entry has a CVSSv2 base score of 4.0 (Medium) with network attack ...

4CVSS6.3AI score0.00947EPSS
CVE
CVE
added 2013/05/16 1:0 a.m.41 views

CVE-2013-1244

The CVE-2013-1244 entry describes an XSS vulnerability in the Cisco WebEx Social portal module. A remote, authenticated user can inject arbitrary web script or HTML via a javascript: URL entered in the link field of a post. The affected component is the portal module of Cisco WebEx Social; the im...

3.5CVSS5.4AI score0.00767EPSS
CVE
CVE
added 2013/06/21 9:0 p.m.39 views

CVE-2013-3392

CVE-2013-3392 affects Cisco WebEx Social. The issue stems from insufficient CSRF protections on multiple WebEx Social web pages, enabling an unauthenticated, remote attacker to hijack a user’s session by inducing them to perform unwanted actions. Root cause: CSRF protection gaps that allow arbitr...

4.3CVSS7.5AI score0.00476EPSS
CVE
CVE
added 2013/05/16 1:0 a.m.38 views

CVE-2013-1245

Cisco WebEx Social’s user-management page is vulnerable to a client-side validation bypass that, due to insufficient server-side validation, lets an authenticated remote attacker inject arbitrary values into Screen Name, Email Address, First/Middle/Last Name, and Job Title fields. Impact: bypass ...

4CVSS6.5AI score0.00997EPSS
CVE
CVE
added 2013/01/17 3:0 p.m.36 views

CVE-2012-6397

Cisco WebEx Social (formerly Cisco Quad) is affected by CVE-2012-6397, a Cross-site Scripting (XSS) vulnerability exploitable via a crafted RSS service link (Bug ID CSCub61977). The vulnerability enables remote attackers to inject arbitrary web script or HTML. Core impact is partial integrity exp...

4.3CVSS5.8AI score0.00942EPSS