First published: Wed Apr 05 2023(Updated: )
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Webex Meetings |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for these vulnerabilities is CVE-2023-20132.
The affected software of CVE-2023-20132 is Cisco Webex Meetings.
The severity rating of CVE-2023-20132 is medium, with a CVSS score of 5.4.
The vulnerabilities in CVE-2023-20132 could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings.
Yes, Cisco has released a security advisory with information on mitigations and fixed software versions for CVE-2023-20132. Please refer to the Cisco Security Advisory for more details.