CVE-2018-15461
Cisco Webex Business Suite Cross-Site Scripting Vulnerability
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.1EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
10 jan 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by convincing a user to click a crafted URL. To exploit this vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Produtos afetados
Cisco · Cisco WebEx Meeting CenterQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →