Vulnerabilities > Cisco > Webex Meetings > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-07 CVE-2023-20133 Cross-site Scripting vulnerability in Cisco Webex Meetings
A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions.
network
low complexity
cisco CWE-79
5.4
2023-07-07 CVE-2023-20180 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings
A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system.
network
low complexity
cisco CWE-352
4.3
2023-04-05 CVE-2023-20132 Cross-site Scripting vulnerability in Cisco Webex Meetings
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings.
network
low complexity
cisco CWE-79
5.4
2023-04-05 CVE-2023-20134 Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Webex Meetings
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings.
network
low complexity
cisco CWE-434
6.5
2022-08-10 CVE-2022-20820 Cross-site Scripting vulnerability in Cisco Webex Meetings
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface.
network
low complexity
cisco CWE-79
5.4
2022-08-10 CVE-2022-20852 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Webex Meetings
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface.
network
low complexity
cisco CWE-1021
6.5
2022-04-21 CVE-2022-20778 Cross-site Scripting vulnerability in Cisco Webex Meetings
A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.
network
low complexity
cisco CWE-79
6.1
2021-11-04 CVE-2021-40128 Unspecified vulnerability in Cisco Webex Meetings
A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an arbitrary domain.
network
low complexity
cisco
5.3
2021-06-04 CVE-2021-1544 Exposure of System Data to an Unauthorized Control Sphere vulnerability in Cisco Webex Meetings
A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information.
local
low complexity
cisco CWE-497
5.5
2021-04-08 CVE-2021-1467 Unspecified vulnerability in Cisco Webex Meetings
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user.
network
low complexity
cisco
4.3