Cisco WebEx Meetings Server Reflected Cross-Site Scripting Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform reflected cross-site scripting (XSS) attacks.The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted URL that is designed to submit malicious code to the affected software. A successful exploit would allow an attacker to execute malicious code in the context of the user.
Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/29HU8aD
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform reflected cross-site scripting (XSS) attacks.The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted URL that is designed to submit malicious code to the affected software. A successful exploit would allow an attacker to execute malicious code in the context of the user.
Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/29HU8aD
Security Impact Rating: Medium
CVE: CVE-2016-1449
from Cisco Security Advisory http://ift.tt/29HU8aD