Vulnerabilities > CVE-2022-20852 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Webex Meetings

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

cisco

CWE-1021

NVD

Published: 2022-08-10

Updated: 2023-11-07

Summary

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Webex Meetings -	1

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-frmhijck-kO3wmkuS