Cross-Site Request Forgery Vulnerability in Cisco WebEx Training Center
CVE-2013-1109

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Training Center
Vendor: CVE Published:; 17 January 2013

Summary

A cross-site request forgery (CSRF) vulnerability exists within the testingLibraryAction.do component of Cisco WebEx Training Center. This flaw enables remote attackers to exploit authenticated user sessions, potentially allowing them to perform unauthorized actions such as deleting tests. This vulnerability raises significant security concerns for users relying on the platform for training and collaborative sessions, as it compromises user authentication integrity.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1028016

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jan 17, 2013
Vulnerability Reserved
Jan 11, 2013