Cross-Site Scripting in Cisco WebEx Meeting Center
CVE-2013-6961

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Meeting Center
Vendor: CVE Published:; 14 December 2013

Summary

The Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center is susceptible to a cross-site scripting (XSS) vulnerability that enables remote attackers to inject arbitrary web scripts or HTML into web pages. This can occur via a specially crafted URL, which, if successfully exploited, could lead to unauthorized actions against users or the exposure of sensitive information. This flaw highlights the importance of implementing robust input validation and output encoding to prevent such attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/89696

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/64288

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1029494

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Dec 5, 2013