Vulnerabilities > Cisco > Webex Meetings > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-20133 | Cross-site Scripting vulnerability in Cisco Webex Meetings A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. | 5.4 |
| 2023-07-07 | CVE-2023-20180 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. | 4.3 |
| 2023-04-05 | CVE-2023-20132 | Cross-site Scripting vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. | 5.4 |
| 2023-04-05 | CVE-2023-20134 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. | 6.5 |
| 2022-08-10 | CVE-2022-20820 | Cross-site Scripting vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. | 5.4 |
| 2022-08-10 | CVE-2022-20852 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. | 6.5 |
| 2022-04-21 | CVE-2022-20778 | Cross-site Scripting vulnerability in Cisco Webex Meetings A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |
| 2021-11-04 | CVE-2021-40128 | Unspecified vulnerability in Cisco Webex Meetings A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an arbitrary domain. | 5.3 |
| 2021-06-04 | CVE-2021-1544 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Cisco Webex Meetings A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. | 5.5 |
| 2021-04-08 | CVE-2021-1467 | Unspecified vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. | 4.3 |