A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by persuading a user to follow a crafted link that is designed to pass HTML code into an affected parameter. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks.
History

Sat, 09 Nov 2024 00:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2021-04-08T04:06:37.588466Z

Updated: 2024-11-08T23:27:36.041Z

Reserved: 2020-11-13T00:00:00

Link: CVE-2021-1420

cve-icon Vulnrichment

Updated: 2024-08-03T16:11:17.058Z

cve-icon NVD

Status : Modified

Published: 2021-04-08T04:15:13.327

Modified: 2024-11-21T05:44:19.410

Link: CVE-2021-1420

cve-icon Redhat

No data.