First published: Wed Apr 05 2023(Updated: )
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Webex Meetings |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-20134 refers to multiple vulnerabilities in the web interface of Cisco Webex Meetings that could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings.
The severity of CVE-2023-20134 is medium, with a severity value of 6.5.
An attacker can exploit the vulnerabilities in CVE-2023-20134 by conducting a stored cross-site scripting (XSS) attack or by uploading arbitrary files as recordings.
The affected software of CVE-2023-20134 is Cisco Webex Meetings.
More information about CVE-2023-20134 can be found in the Cisco Security Advisory at: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wbx-sxss-fupl-64uHbcm5