A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by persuading a user to follow a crafted link that is designed to pass HTML code into an affected parameter. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks.
Metrics
Affected Vendors & Products
References
History
Sat, 09 Nov 2024 00:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2021-04-08T04:06:37.588466Z
Updated: 2024-11-08T23:27:36.041Z
Reserved: 2020-11-13T00:00:00
Link: CVE-2021-1420
Vulnrichment
Updated: 2024-08-03T16:11:17.058Z
NVD
Status : Modified
Published: 2021-04-08T04:15:13.327
Modified: 2024-11-21T05:44:19.410
Link: CVE-2021-1420
Redhat
No data.