Home Unlabelled Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability

Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability

By
Thursday, July 14, 2016
Read
Add Comment
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.

The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to visit a malicious URL. A successful exploit could allow the attacker to conduct reflected XSS attacks in the user’s browser session, which could be used to conduct further attacks.

Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://ift.tt/29HUfDn A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.

The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to visit a malicious URL. A successful exploit could allow the attacker to conduct reflected XSS attacks in the user’s browser session, which could be used to conduct further attacks.

Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://ift.tt/29HUfDn
Security Impact Rating: Medium
CVE: CVE-2016-1447

from Cisco Security Advisory http://ift.tt/29HUfDn
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us