A vulnerability in certain web pages of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to modify a web page in the context of a browser. The vulnerability is due to improper checks on parameter values within affected pages. An attacker could exploit this vulnerability by persuading a user to follow a crafted link that is designed to pass HTML code into an affected parameter. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious web sites, or the attacker could leverage this vulnerability to conduct further client-side attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-07-16T17:21:05.261670Z
Updated: 2024-09-16T23:16:17.657Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3345
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-16T18:15:17.580
Modified: 2021-08-06T18:46:50.967
Link: CVE-2020-3345
Redhat
No data.