关键信息 1. 漏洞描述: - 漏洞类型: Cisco Webex Meetings Cross-Site Scripting (XSS) Vulnerability - 影响范围: Cisco Webex Meetings, which is cloud based. - 影响程度: Medium (Base 6.1) 2. 漏洞详情: - 漏洞原因: Insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. - 攻击方式: An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. - 影响: A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 3. 受影响的产品: - 受影响产品: Cisco Webex Meetings, which is cloud based. 4. 修复措施: - 已修复: Cisco has released software updates that address this vulnerability. - 用户行动: No user action is required. 5. 安全政策: - 安全政策链接: Cisco Security Vulnerability Policy 6. 评级: - 平均评级: 5 stars (0 votes) - 用户评级: 5 stars (0 votes) 7. 来源: - 报告人: Hatim Chabik 8. URL: - 漏洞详情页: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-FmbPu2pe 9. 修订历史: - 版本: 1.0 - 发布日期: 2022-JAN-19 法律免责声明 免责声明: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. 其他信息 相关链接: Cisco Security Vulnerability Policy 订阅安全通知: Subscribe to Cisco Security Notifications 联系信息: Contact Us