漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Webex Meetings Cross-Site Scripting Vulnerability
Vulnerability Description
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
Vulnerability Title
Cisco Webex Meetings 跨站脚本漏洞
Vulnerability Description
Cisco Webex Meetings是美国思科(Cisco)公司的一套视频会议解决方案。 Cisco Webex Meetings 存在跨站脚本漏洞,该漏洞源于Cisco Webex Meetings 的基于 Web 的界面中的漏洞可能允许未经身份验证的远程攻击者对基于 Web 界面的用户进行跨站点脚本 (XSS) 攻击。此漏洞是由于对用户验证不足造成的 - Cisco Webex Meetings 的基于 Web 的界面提供的输入。 攻击者可以通过诱使界面用户单击恶意制作的链接来利用此漏洞。 成功的
CVSS Information
N/A
Vulnerability Type
N/A