Cross-Site Scripting Vulnerability in Cisco WebEx Sales Center
CVE-2013-6711

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Sales Center
Vendor: CVE Published:; 14 December 2013

Summary

A cross-site scripting vulnerability exists in Cisco WebEx Sales Center's product-creation administrative page. This flaw allows remote attackers to inject arbitrary web scripts or HTML through crafted URLs. If successfully executed, such scripts could lead to unauthorized actions on behalf of users, exposing sensitive information and compromising user interactions. Organizations using this platform should take immediate measures to apply any available security updates and mitigate exposure to such attacks.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1029493

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Nov 7, 2013